259fea7d186340df21b4971c201ab3f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

259fea7d186340df21b4971c201ab3f6_JaffaCakes118
Size

769KB
MD5

259fea7d186340df21b4971c201ab3f6
SHA1

7d213b5e5ea463a3d80303e0aa2b9c6e756a6b42
SHA256

c66593b98d3820d6b7aa07beea34b99499d284be1beb3e0c3c73bf0ee16930cc
SHA512

5756a1d7229f9ee88087b6669beafc7dbe2af039fe093220bc895b2ed7b9ba92b3ac674381a7376e9d1e8d4f482c9a424bf4a5aaa82b695b2537b437a0ff079c
SSDEEP

24576:EdbmXL0nFjSp/L491Wcp5Ej9NBK87KBP:KasMp/cnWcTEJGB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259fea7d186340df21b4971c201ab3f6_JaffaCakes118

Files

259fea7d186340df21b4971c201ab3f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f367306e03b0bf8fa5591d634e5594dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GlobalFlags
VirtualAllocEx
FindClose
WriteFile
GlobalSize
GetModuleHandleA
CloseHandle
GetCommandLineA
lstrlenW
GetStartupInfoA
GetExitCodeProcess
DeleteFileA
GetTickCount
GetConsoleTitleW
SetFilePointer
DeviceIoControl
CloseHandle
SetEvent
Sleep

user32

GetWindowLongW
CallWindowProcW
IsWindowVisible
DispatchMessageA
DrawTextW
GetParent
LoadImageA
DispatchMessageA
FillRect
PeekMessageA
DestroyWindow
SetFocus
BeginPaint

ir41_qc

Compress
Compress
Compress
Compress

wininet

FtpCommandA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 762KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ