28b16873c2b04a8aedc330d9cd5a9e85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28b16873c2b04a8aedc330d9cd5a9e85_JaffaCakes118
Size

249KB
MD5

28b16873c2b04a8aedc330d9cd5a9e85
SHA1

7afbb338118f69f30b70384fd6e3f8040e9c1032
SHA256

657b2dd57988a9f2f38df0d64ca68c793031c660ec7628c221f02d01e328f053
SHA512

69db9f43b3b5343e6ef498ae3e946f66ef1e0f464e16cb6fb3b2b4b3e5863f5acc43badedeca0412768ac89458619f3b87db0cbe28542a5f7d6bb9eecbd459a6
SSDEEP

6144:dD58AJxZPfdMcIJHgKFok2xozdQgmfMWxGTD:d1htjMhokkwlmf8/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28b16873c2b04a8aedc330d9cd5a9e85_JaffaCakes118

Files

28b16873c2b04a8aedc330d9cd5a9e85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a97352061f33b5aea0ea3ea14bdce76c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
InitializeCriticalSection
SetFileAttributesA
GetFileSize
AddAtomW
GetTickCount
ResetEvent
ExitProcess
CloseHandle
GetStartupInfoW
HeapCreate
DeleteFileA
GetModuleHandleA
CreateFileA
GetCurrentDirectoryA
HeapDestroy
ReleaseMutex
SetEndOfFile
FindClose
GetEnvironmentVariableA
FindClose
CreateMutexW
GetTickCount
SuspendThread
WaitForSingleObject

wininet

FindCloseUrlCache
FtpOpenFileA
DeleteUrlCacheEntryA
FtpPutFileA
HttpEndRequestA
FtpCreateDirectoryA
FtpGetFileA
FtpFindFirstFileA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
FtpGetCurrentDirectoryA
FtpDeleteFileA
HttpQueryInfoA

perfos

CloseOSObject
CloseOSObject
CloseOSObject
CloseOSObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ