f1b5b6cb53076e23c387743a5e75c5ad_JaffaCakes118

General

Target

f1b5b6cb53076e23c387743a5e75c5ad_JaffaCakes118
Size

602KB
MD5

f1b5b6cb53076e23c387743a5e75c5ad
SHA1

08815abb077d98af8c83526ad58fa09a33956ba3
SHA256

3d3cb28adbf4ef03bf8dcff05f70ef6e95849eaafcb9a6ab4691f9b439d194ea
SHA512

21215c25d95e6f9a918e9791608c8aedb76873c10a7d3ef530be0f774fc606cf2c1de27d5b54b08f067b8bf0627848bf8a2bcbc44cf4c52fc9f2b10159a45fd0
SSDEEP

12288:cnepKaV9OaW0FjM7rxUpwEiAfKzG5dliFuJ2lkrdcakCoDL4+gt:MS/f7FjOrxkwEiGliFPl4taDL4+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1b5b6cb53076e23c387743a5e75c5ad_JaffaCakes118

Files

f1b5b6cb53076e23c387743a5e75c5ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
LoadIconA
OemToCharA
DeleteMenu
PostMessageA
SendMessageA
SetMenuInfo
UpdateWindow

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerQueryValueW
VerFindFileW
GetFileVersionInfoA

rpcrt4

tree_into_ndr
short_array_from_ndr
RpcObjectSetInqFn
RpcNsBindingInqEntryNameA
RpcMgmtSetServerStackSize
RpcBindingVectorFree
RpcBindingSetAuthInfoA
RpcBindingInqAuthClientExA
MesHandleFree

crtdll

fmod
_exit
_finite
_fpieee_flt
_isnan
isalpha
rand
swscanf
wcsxfrm

ntdll

DbgUserBreakPoint
LdrLoadDll
NtQuerySystemTime
NtSetInformationObject
RtlCreateSecurityDescriptor
RtlNtStatusToDosError
RtlStartRXact
RtlUniform
RtlUpperString
ZwAlertThread

kernel32

WriteProfileSectionW
VerLanguageNameA
SetLastError
SetCommTimeouts
PurgeComm
OpenJobObjectW
OpenEventW
LoadLibraryExA
LeaveCriticalSection
LCMapStringA
IsDBCSLeadByte
HeapAlloc
GlobalUnfix
GetTickCount
GetThreadTimes
GetQueuedCompletionStatus
GetPriorityClass
GetFileSize
GetDefaultCommConfigA
GetCommandLineA
FreeConsole
ExitProcess
DisableThreadLibraryCalls
DeleteFileA
CreatePipe

Exports

Exports

CytTHxriHl
NrPbkytfqF
Yivuo
awftv
isXuw
qbbbyuLzibyerjgi
sxukyqmvtqieBNelv
vplmuavs
wzaOmbfs
xlllqchpxchzxiwIc
yztTqXwgkWiikb

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 510KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

Imports

user32

version

rpcrt4

crtdll

ntdll

kernel32

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 510KB - Virtual size: 511KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 510KB - Virtual size: 511KB

.rsrc
Size: 51KB - Virtual size: 51KB