159582e0c7fd4fc001fd97522bc18078_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

159582e0c7fd4fc001fd97522bc18078_JaffaCakes118
Size

243KB
MD5

159582e0c7fd4fc001fd97522bc18078
SHA1

59183b13d703c482faa5f138d6527ee08a2d2249
SHA256

cb85367d499a3176b5b21d2c2b950f41ccc0ad98671900aa1d71e145ca6dd379
SHA512

5704767006407b69ac3a70556613d90e21d2e5c901e35990e0ed6a232f488aa7091b2bdcd561e2c053078b19e97c8c719829f42251c43801bdbb33ee0b87b887
SSDEEP

6144:HHaosPOvb27I91wkpzPQ/d45JCxlZd4izCW5rRhg2G:HgPOvb27SJm45OOizCW5NG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
159582e0c7fd4fc001fd97522bc18078_JaffaCakes118

Files

159582e0c7fd4fc001fd97522bc18078_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e515aff0b771b09e7e47c23fb43c295

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
GetModuleHandleA
CloseHandle
ReleaseMutex
DeleteFileA
SetEndOfFile
AddAtomA
HeapSize
HeapDestroy
GetFileSize
SuspendThread
GetTickCount
GetCurrentDirectoryA
InitializeCriticalSection
WaitForSingleObject
GetTickCount
GetEnvironmentVariableA
FindClose
ResetEvent
CreateFileA
HeapCreate
ExitProcess
GetSystemInfo
FindClose
GetStartupInfoW

wininet

DeleteUrlCacheEntryA
FtpDeleteFileA
HttpQueryInfoA
FtpCreateDirectoryA
FtpGetCurrentDirectoryA
DeleteUrlCacheEntryA
FtpOpenFileA
DeleteUrlCacheEntryA
FtpGetFileA
FtpPutFileA
FtpFindFirstFileA
FindCloseUrlCache
HttpEndRequestA

encapi

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ