181c07ec87ad8f4a63db2c77746c8874_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

181c07ec87ad8f4a63db2c77746c8874_JaffaCakes118
Size

769KB
MD5

181c07ec87ad8f4a63db2c77746c8874
SHA1

aa7d720320f40bfa9bd2262d7c7fad66d3210a18
SHA256

c3bc3dba62c6d8f8a2ed60e02906827895a57fbc3cdef9de56bcf417ef946ed7
SHA512

7be9ecaba43a25630d2e3cfa15ad6c2a66dc5acc161278fc82519aa101fc12c5d8efa597d11c92b123f2ae3be9fc9ad5c2d8221c051e73135ad1415986b9d7ed
SSDEEP

12288:2pGn6dfcaBUWitUCTNZClzXI34lnpLNpW/iRokCtLqdRXXufOD+IXGrn:oG6dfPUWqxiq8x3W/mTdRHumD+rrn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
181c07ec87ad8f4a63db2c77746c8874_JaffaCakes118

Files

181c07ec87ad8f4a63db2c77746c8874_JaffaCakes118
.exe windows:4 windows x86 arch:x86

465fc29d165ac03490df1094e127e978

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GlobalSize
GetModuleHandleA
Sleep
GetTimeFormatA
GetStartupInfoA
HeapCreate
WriteFile
lstrlenW
GetCommandLineA
DeleteFileA
CloseHandle
CloseHandle
GlobalFlags
GetExitCodeProcess
SetFilePointer
SetConsoleCP
GetTickCount
SetEvent
ReleaseMutex

user32

SetFocus
FillRect
DrawTextW
DispatchMessageA
DispatchMessageA
DestroyWindow
PeekMessageA
GetWindowLongW
GetParent
CallWindowProcW
LoadImageA
BeginPaint
IsWindowVisible

loghours

DirSyncScheduleDialog
DirSyncScheduleDialog
DirSyncScheduleDialog
DirSyncScheduleDialog

wininet

FtpCommandW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 762KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ