4071be87d42c6a12173395944b630db1_JaffaCakes118

General

Target

4071be87d42c6a12173395944b630db1_JaffaCakes118
Size

176KB
MD5

4071be87d42c6a12173395944b630db1
SHA1

3796ba026e968be472727d7ff60e76aceb1f10bd
SHA256

7a9b514f855353c2bdeb9085d1a27173f0b73cee084294342a7bcc6bbab3650b
SHA512

d83f865ab47803425e16fce92e29ec01eb9c5e426aa19de8a255fab1c3f33db342fcd57e059b964be0a516635321d571cc19e28d829fea13b30e4e41ed3299c8
SSDEEP

3072:Y9VDn+8B1YwaSDK82/aLP40NLLnErm7qrhrIe0C3KMVAeQblBIep:Y7D+6m1cB4OErnrhN3KMVAe+rI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4071be87d42c6a12173395944b630db1_JaffaCakes118

Files

4071be87d42c6a12173395944b630db1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5bdce4b2c2a98fca1d1bb1a75c3275a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputA
GetSystemWindowsDirectoryA
OpenSemaphoreA
GetLongPathNameA
Module32First
GetDefaultCommConfigA
LCMapStringA
GetFileType
GetStringTypeExA
VirtualAlloc
GetCurrentThread
OpenJobObjectA
RemoveDirectoryA
FindFirstVolumeA
SetLastConsoleEventActive
GlobalUnWire
DeleteTimerQueue
GetDllDirectoryA
FlushFileBuffers
WaitForDebugEvent
GlobalGetAtomNameA
FreeLibrary
GetWindowsDirectoryA
lstrcpy
GetEnvironmentStringsA
FlushInstructionCache
SetSystemTimeAdjustment
GetVersionExA
GetNumberFormatA
GetConsoleAliasA
SetComputerNameExW
GlobalFindAtomA
WriteConsoleOutputA
GetFileTime
HeapFree
GetFileAttributesExA
IsSystemResumeAutomatic
CreateSocketHandle
ReleaseMutex
GetConsoleAliasExesW
ResetEvent
DefineDosDeviceA
SetFilePointerEx
QueueUserAPC
GetConsoleInputExeNameA
SetConsoleCursorMode
OpenFile
WriteConsoleA
CloseHandle
GetProcessWorkingSetSize
OutputDebugStringA
SleepEx
GetDiskFreeSpaceExA
IsValidCodePage
GetNativeSystemInfo
SetTapePosition
GetCommModemStatus
GetFileSize
SetCurrentDirectoryA
MapUserPhysicalPagesScatter
UnlockFile
GetEnvironmentStringsA
_lclose
LocalFileTimeToFileTime
ClearCommError
SetFilePointer
GetProcessVersion

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Sections

.text
Size: - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 164KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5bdce4b2c2a98fca1d1bb1a75c3275a

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.text Size: - Virtual size: 428B

.itext Size: 164KB - Virtual size: 171KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 428B

.itext
Size: 164KB - Virtual size: 171KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB