2d2f4d5e9605b4f3832b7adcbc63328a_JaffaCakes118

General

Target

2d2f4d5e9605b4f3832b7adcbc63328a_JaffaCakes118
Size

292KB
MD5

2d2f4d5e9605b4f3832b7adcbc63328a
SHA1

011458531b9595349e3bfda6bb1c55b35aa4300c
SHA256

f9be2279e135974c452350d74d7553b090c21e7d434636aac39dbe4c3bcd517f
SHA512

843d8143a97ca4e852dac8c7171f9409c26528fc7cea16d260f6150f472646fd9ab6868453389c68f32900e27f9b523c3fb9d2a6d85fc91791be8c8cf301ec10
SSDEEP

6144:ygAaIdKPonueqJsP+fufQosblk923F0+z9y8+uZgvDM1:6uIqJsP+fuflOlk9C0+z+uZgLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d2f4d5e9605b4f3832b7adcbc63328a_JaffaCakes118

Files

2d2f4d5e9605b4f3832b7adcbc63328a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0140f5bcb47d3cc09fcf78a10d2d48c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA
GetProfileStringA
GetConsoleAliasesA
GetDllDirectoryA
CreateEventA
GetProcessWorkingSetSize
ConnectNamedPipe
GetFileAttributesExA
QueryMemoryResourceNotification
SetLocalPrimaryComputerNameA
VirtualAlloc
SetFilePointer
GetSystemTime
GetCurrentThread
OpenMutexA
lstrcat
PeekConsoleInputA
GetEnvironmentStringsA
GetComputerNameA
ReadConsoleA
GetStringTypeExA
FindResourceExA
ReleaseSemaphore
GetProfileIntA
GetDiskFreeSpaceA
GetCPInfoExA
SetUserGeoID
LoadModule
RemoveDirectoryA
SystemTimeToFileTime
WriteConsoleA
SetComputerNameExA
WritePrivateProfileStringA
EnumTimeFormatsA
OpenEventA
PurgeComm
WritePrivateProfileSectionA
WriteConsoleOutputCharacterA
GetTickCount
WriteConsoleOutputCharacterW
GetEnvironmentVariableA
GetDriveTypeA
SetLocalTime
GetFullPathNameA
DeleteTimerQueueTimer
IsBadStringPtrA
GetVolumePathNameA
GetStdHandle
GetLocaleInfoA
ResetEvent
ReadConsoleInputA
SetInformationJobObject
GetConsoleMode
IsWow64Process
GetProcessShutdownParameters
GetThreadContext
GetCurrentDirectoryA
LZDone
GetProcessHeap
GetExpandedNameA
LocalUnlock
QueryDosDeviceA
FindNextChangeNotification
FindCloseChangeNotification
GetFileSize
SetComputerNameA
SetCurrentDirectoryA
SetFilePointer
RemoveDirectoryA
GetWindowsDirectoryA
SetStdHandle
WriteConsoleInputA
GetComputerNameA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 280KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0140f5bcb47d3cc09fcf78a10d2d48c9

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 1KB

.text Size: 280KB - Virtual size: 388KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.text
Size: 280KB - Virtual size: 388KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB