465eb93a0907b74e1e62d0b078819ab4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

465eb93a0907b74e1e62d0b078819ab4_JaffaCakes118
Size

68KB
MD5

465eb93a0907b74e1e62d0b078819ab4
SHA1

0ea52a4e4765f76dd2d48db2dc5514aa8f06aa18
SHA256

b17bc7f16e05e267b01860746c6279e90f0c914b035e5ba58902defbc6d9ec3c
SHA512

d2e8163cb436580c179eb48ca949fd89aa40dd4da27b0b7f073fe179fef64aa34ad3dced62d60b6d63af36c75dbd36f1d1fa0f2c3ddacef74c1ca2e5a7e0b3ff
SSDEEP

1536:vqgXfrf16m5085fLiaO/mvuBlO+rNYwpomx/NnKK2:igDfAmnAaO/mvuBpKw3/NnKK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
465eb93a0907b74e1e62d0b078819ab4_JaffaCakes118

Files

465eb93a0907b74e1e62d0b078819ab4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9e2e572066019fff62d2c41de2577ceb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetUserDefaultLCID
GetProfileStringA
GetFileSizeEx
GlobalSize
ClearCommBreak
TerminateThread
VirtualProtectEx
SetConsoleTitleA
CallNamedPipeA
Module32Next
GetConsoleAliasesLengthA
IsProcessorFeaturePresent
LCMapStringA
OpenJobObjectA
GetNumberFormatA
ReadConsoleOutputCharacterA
LocalCompact
OpenEventA
GetCommandLineA
SetDllDirectoryA
GetEnvironmentVariableA
FindNextVolumeMountPointA
ConnectNamedPipe
WriteProcessMemory
TermsrvAppInstallMode
GetSystemDirectoryA
QueryMemoryResourceNotification
BuildCommDCBAndTimeoutsA
GetConsoleFontSize
GetConsoleTitleA
InterlockedDecrement
ChangeTimerQueueTimer
ReleaseSemaphore
GetDllDirectoryA
CreateSemaphoreA
GetDiskFreeSpaceA
SuspendThread
IsBadReadPtr
GetFullPathNameA
GetConsoleWindow
GetConsoleAliasesA
VirtualAllocEx
GetLogicalDriveStringsA
TransmitCommChar
SetConsoleCursorInfo
ClearCommError
GetUserDefaultLangID
GetExitCodeThread
SetInformationJobObject
VirtualAlloc
GetConsoleFontInfo
FindFirstFileExA
BeginUpdateResourceA
WriteConsoleOutputAttribute
HeapCreate
GetConsoleMode
FlushViewOfFile
lstrlenA
CloseHandle
SetConsoleTextAttribute
GetSystemWindowsDirectoryA
LocalFlags
GetCurrentThreadId
HeapDestroy
GetTickCount
IsValidLocale
SetConsoleMaximumWindowSize
SetLastConsoleEventActive
WriteConsoleOutputA
OpenWaitableTimerA
SetThreadPriority
GetLocaleInfoA

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Exports

Exports

Rxugediu
BeginXglhemjcv
SetYykhsyujd
Oagnbngdw
GetTmxepoip
WriteOtmgmubp
Juhbmdf
WriteVgfhsrv

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e2e572066019fff62d2c41de2577ceb

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 1KB

.text Size: 56KB - Virtual size: 180KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.idata
Size: - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 180KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB