1774f903aaa36bc3401f77ab1231e75f_JaffaCakes118 | Triage

Sharing

General

Target

1774f903aaa36bc3401f77ab1231e75f_JaffaCakes118
Size

28KB
MD5

1774f903aaa36bc3401f77ab1231e75f
SHA1

659c0f4a6cc6ab7a8ea31db9ca985c270c2c27c2
SHA256

79c35fb75cdd1805fc7ab48d80de1f5223a200fc02120549861edddefe12ffa5
SHA512

1de8ae49cd4655e0957d26f0c5d5980587679fd5b3092eb79559a844b5ebdff9d4bec126b71d6eb64e4ccd351e49cb0f5d7c653f53e1f6cc5612f7f81c40c7f8
SSDEEP

768:R9xPo85USGK25ybwG42Z0oXxwLcb8KUp0elb8e0aEZes/DhrS:p5USGK25ybwG/eoXxC08KUpXlwe0aEZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1774f903aaa36bc3401f77ab1231e75f_JaffaCakes118

Files

1774f903aaa36bc3401f77ab1231e75f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03e46b2be39aa28cda428559bfbc5e65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
FindClose
DeleteFileA
GetFileSize
FindAtomA
ResetEvent
ReleaseMutex
GetStartupInfoW
GetTickCount
HeapSize
CloseHandle
GetModuleHandleA
SetEndOfFile
FindClose
InitializeCriticalSection
GetTickCount
GetEnvironmentVariableA
IsBadCodePtr
SetFileAttributesA
GetCurrentDirectoryA
HeapCreate
WaitForSingleObject
HeapDestroy
ResumeThread
ExitProcess

wininet

FtpOpenFileA
DeleteUrlCacheEntryA
FindCloseUrlCache
FtpFindFirstFileA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
FtpGetCurrentDirectoryA
FtpDeleteFileA
HttpEndRequestA
FtpGetFileA
FtpCreateDirectoryA
FtpPutFileA
HttpQueryInfoA

qmgrprxy

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ