02217e0a0b379caca0bb65a9afcb7f0d_JaffaCakes118

General

Target

02217e0a0b379caca0bb65a9afcb7f0d_JaffaCakes118
Size

336KB
MD5

02217e0a0b379caca0bb65a9afcb7f0d
SHA1

54c3b28e5355ae9b30803364fa3dbeec19ccbac4
SHA256

9f6dec31d58a6d981c05f470ae63769e8bca19fc604b331bcf6aa66e75acf7e8
SHA512

68c618fd4a28fd0d6ffecb01d10e45fe0128d524d352381fdbc5f4b07f68275abac50ebe43c2b1264c5a4bd91ed14c53f5a95f2b95cf3a47773be9d8b2249911
SSDEEP

6144:RFHygkgWuDu1ma2celbcGlHN7TNLWOgn6VMKAuF0kbAfB2Jv:4gWpKcGtNTNL6nN8/sf8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02217e0a0b379caca0bb65a9afcb7f0d_JaffaCakes118

Files

02217e0a0b379caca0bb65a9afcb7f0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3280fd3e2dc8b52a5d0f24a93d22a444

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterA
GetBinaryType
IsBadStringPtrA
GetDiskFreeSpaceExA
SetProcessPriorityBoost
QueryInformationJobObject
TransactNamedPipe
LocalFileTimeToFileTime
HeapQueryInformation
GetFileInformationByHandle
ReadConsoleA
IsBadHugeWritePtr
GetDateFormatA
OpenWaitableTimerA
GetPriorityClass
OpenEventA
WideCharToMultiByte
GlobalFree
GetVolumePathNamesForVolumeNameA
UnregisterWait
GetCurrentThread
WaitForDebugEvent
GetSystemWindowsDirectoryA
GetSystemDirectoryA
WaitForSingleObjectEx
EnumSystemLanguageGroupsA
OpenProcess
MultiByteToWideChar
WriteConsoleInputA
IsBadReadPtr
GetSystemTimes
WritePrivateProfileStructA
WriteProcessMemory
GetTimeFormatA
GetModuleFileNameA
Heap32First
SetFilePointer
FormatMessageA
FlushConsoleInputBuffer
LZCopy
CopyFileExA
GetConsoleMode
GetSystemDefaultUILanguage
FindVolumeMountPointClose
DeleteTimerQueueEx
FlushFileBuffers
HeapFree
GetDefaultCommConfigA
LocalCompact
HeapSize
GetModuleHandleA
GetConsoleCursorMode
VirtualAlloc
GetPrivateProfileIntA
GetFileAttributesExA
OpenFileMappingA
SetConsoleKeyShortcuts
CopyFileA
IsBadStringPtrA
RaiseException
ReadConsoleOutputCharacterA
GetStringTypeA
WriteConsoleA
GetProcessHeap

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 324KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3280fd3e2dc8b52a5d0f24a93d22a444

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 3KB

.text Size: 324KB - Virtual size: 331KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 324KB - Virtual size: 331KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB