0989f3330b779a7c2104ca15d96f1e35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0989f3330b779a7c2104ca15d96f1e35_JaffaCakes118
Size

249KB
MD5

0989f3330b779a7c2104ca15d96f1e35
SHA1

099b0eae5428e40d852b9c93d9ad0ad31446f453
SHA256

fc5cedb038cd166ae59e82efa5f84fe49b0718e51abcd2613b07b206fa836d3a
SHA512

bd054ac52f9362f78fd739724f661ed647c6fec474bc1ca0b28caf9b2e1318d3112aeb8eb0c2bcf5cc51b6428d22849b47c1f02d1bc7db7dcfffe185bf9d1166
SSDEEP

6144:r2THaosPOvb27I91wkpzPQ/d45JCxlZd4izCW5rRhg2p:r2TgPOvb27SJm45OOizCW5Np

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0989f3330b779a7c2104ca15d96f1e35_JaffaCakes118

Files

0989f3330b779a7c2104ca15d96f1e35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b39b498cd93021d7dfc031df1385dc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
ReleaseMutex
FindClose
WaitForSingleObject
CreateFileA
HeapSize
GetSystemInfo
GetEnvironmentVariableA
DeleteFileA
GetFileSize
GetTickCount
ResetEvent
GetStartupInfoW
AddAtomW
SuspendThread
GetTickCount
GetModuleHandleA
SetEndOfFile
InitializeCriticalSection
FindClose
CreateMutexW
HeapDestroy
ExitProcess
GetCurrentDirectoryA
CloseHandle

wininet

FtpGetFileA
HttpEndRequestA
FtpPutFileA
FtpDeleteFileA
FtpCreateDirectoryA
FtpOpenFileA
FindCloseUrlCache
FtpGetCurrentDirectoryA
DeleteUrlCacheEntryA
FtpFindFirstFileA
HttpQueryInfoA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA

mscpxl32

ConfigureDlgProc
ConfigureDlgProc
ConfigureDlgProc
ConfigureDlgProc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ