39d292ce1d4931ecbdb9634ca897121a_JaffaCakes118

General

Target

39d292ce1d4931ecbdb9634ca897121a_JaffaCakes118
Size

144KB
MD5

39d292ce1d4931ecbdb9634ca897121a
SHA1

6384e895999003041442224f348afa2bfeb421eb
SHA256

7ddc8bf3ec408013b699eb8b0d7fc7b10bb6558c70451e3b04e29d09e7998ad6
SHA512

1bbc4740f1d0c85ebcbf3905ad9247565e7006e28f119e2559d61b56a2cba020ad9e4cb6a2026aee82cf16b690b691109019c463b439967e28c24e3aa81ed8ac
SSDEEP

3072:XEIzNBARhsLgTvlzR1IEFOZo2IULocO3f/lBH:XEy8sL0dzMfZ0Uy/l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39d292ce1d4931ecbdb9634ca897121a_JaffaCakes118

Files

39d292ce1d4931ecbdb9634ca897121a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e2fbb45394089d39a96721b67eee40d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindAtomA
HeapFree
GetConsoleScreenBufferInfo
GetBinaryType
GetExitCodeThread
GetComputerNameExA
LocalFileTimeToFileTime
EnumSystemCodePagesA
GetTempPathA
HeapSetInformation
QueryInformationJobObject
SetConsolePalette
CommConfigDialogA
SetPriorityClass
GetOEMCP
GetProfileStringA
SetLocalPrimaryComputerNameA
GetConsoleTitleA
HeapSize
ExitThread
HeapSummary
GetVersionExA
LoadModule
GetPrivateProfileIntA
HeapLock
WriteConsoleOutputCharacterW
GetExpandedNameA
GetVolumeInformationA
DisconnectNamedPipe
LZOpenFileA
GetConsoleCP
GetDevicePowerState
GetThreadSelectorEntry
ConnectNamedPipe
FillConsoleOutputCharacterA
ReadConsoleInputA
EnumSystemLocalesA
UpdateResourceA
FindVolumeClose
SetConsoleOutputCP
ReadConsoleA
GetProcessIoCounters
GetVolumeNameForVolumeMountPointA
MulDiv
PurgeComm
LZStart
SetComputerNameExA
SetFilePointer
FlushViewOfFile
GetDefaultCommConfigA
IsBadStringPtrA
VirtualAlloc
IsWow64Process
GetCommandLineA
SetThreadContext
GetFileAttributesExA
CreateDirectoryExA
GetCurrentThread
GetConsoleCursorInfo
VirtualAlloc
WriteConsoleA
GetPrivateProfileSectionNamesW
WriteConsoleInputA
GetThreadContext
_hread
GetCPInfoExA
WriteConsoleA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Exports

Exports

Tobmgxh
CloseGvobqhew
CloseHurwfmc
Ectisrcuias
Mquoacav
Jpxbqsoa
IsToqjipiqp
WriteGevbemha

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2fbb45394089d39a96721b67eee40d5

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 1KB

.text Size: 132KB - Virtual size: 180KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 180KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB