5358d2c54f6399fc05644fa944c80d71_JaffaCakes118

General

Target

5358d2c54f6399fc05644fa944c80d71_JaffaCakes118
Size

68KB
MD5

5358d2c54f6399fc05644fa944c80d71
SHA1

51053ce20e3e39e726116178337e60ccbcbcb851
SHA256

73ea39d319156bc98e3bd84c6ba463b6bff27299d82e05343346a1080ed8ce93
SHA512

845ff12fe8a309601d8808d6a9a4eeb8cebf6cb4edd8f950b6aae771181a1e6feac4e510d1c706cd2341a072cf36a01603f833f6090968f4ac7889098bc7bfc6
SSDEEP

1536:tdCtADAlLFEW61J/F0AW+K6Ii84N2tdsQhDVwYD:+tiAlLFM1J/F0EK64BfphDVwY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5358d2c54f6399fc05644fa944c80d71_JaffaCakes118

Files

5358d2c54f6399fc05644fa944c80d71_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a9b551be0d285d9cf8bf031615de41ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteTimerQueueEx
RaiseException
SetConsoleCursorMode
VirtualAllocEx
UpdateResourceA
ReadConsoleA
GetDllDirectoryA
SetConsoleScreenBufferSize
IsSystemResumeAutomatic
LZCopy
SetEvent
GlobalFlags
RequestDeviceWakeup
GetFullPathNameA
AddConsoleAliasA
SetEnvironmentVariableA
WriteConsoleOutputA
ClearCommBreak
WaitForSingleObjectEx
SetVolumeLabelA
OpenWaitableTimerA
GetExitCodeProcess
IsBadCodePtr
GetConsoleCommandHistoryLengthA
FillConsoleOutputAttribute
GetCurrentDirectoryA
CompareStringA
CreatePipe
ConvertDefaultLocale
DefineDosDeviceA
SetConsoleWindowInfo
ResetEvent

wininet

FtpSetCurrentDirectoryW
InternetQueryDataAvailable
InternetUnlockRequestFile
FtpRemoveDirectoryW
InternetCrackUrlA
ResumeSuspendedDownload
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW

Exports

Exports

Whmrmcva
Asjjpmp
BeginVqcnqxiy
Fesfyvnbmop
Icutdjxj
SetOnhwtysh
GetBeufuenmf
GetRyyaueevcm

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9b551be0d285d9cf8bf031615de41ed

Headers

File Characteristics

Imports

kernel32

wininet

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 56KB - Virtual size: 184KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.itext
Size: - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 184KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB