ea95e325aa17edaf895f56e22ae70388_JaffaCakes118 | Triage

Sharing

General

Target

ea95e325aa17edaf895f56e22ae70388_JaffaCakes118
Size

105KB
MD5

ea95e325aa17edaf895f56e22ae70388
SHA1

3e85cefe21434c5ec99f1b611c69027bac48df81
SHA256

89cda060b5bd2dc26d813be4f4ad42adc04999e908a965b6d815569b27012e3a
SHA512

c1608b3f272b29ad724a9ff45f6a207e941a8f3b9784a8093014841d9c106bc31f02fd5b688b55d16f3526a594a685c7edd717ff68165271992ac330668d33ff
SSDEEP

3072:KKK2b+RMdJbbUdnAiCU8FhHN0s+UuOYFHipdY7q:53ImJbwEthHN0t5BipG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea95e325aa17edaf895f56e22ae70388_JaffaCakes118

Files

ea95e325aa17edaf895f56e22ae70388_JaffaCakes118
.exe windows:4 windows x86 arch:x86

373337ad10ffd960a2e0928a0cc4edc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetStartupInfoW
SetEndOfFile
GetFileSize
IsBadCodePtr
HeapSize
WaitForSingleObject
SetFileAttributesA
GetEnvironmentVariableA
ReleaseMutex
EnterCriticalSection
DeleteFileA
VirtualAlloc
ResetEvent
GetCurrentDirectoryA
FindAtomA
ExitProcess
FindVolumeClose
GetTickCount
ResumeThread
HeapDestroy
CreateFileA
GetModuleHandleA
FindVolumeClose
GetTickCount

wininet

FindCloseUrlCache
HttpQueryInfoA
HttpEndRequestA
FtpGetCurrentDirectoryW
DeleteUrlCacheEntryA
FtpPutFileA
FtpGetFileW
DeleteUrlCacheEntryA
FtpFindFirstFileA
FtpOpenFileA
FtpDeleteFileA
DeleteUrlCacheEntryA
FtpCreateDirectoryW

sisbkup

SisRestoredLink
SisRestoredLink
SisRestoredLink
SisRestoredLink

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ