f1b8e36007d1e955999c6c5927c3db1d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f1b8e36007d1e955999c6c5927c3db1d_JaffaCakes118
Size

128KB
MD5

f1b8e36007d1e955999c6c5927c3db1d
SHA1

fbbcddaec1c466ae362c7201620c1cceb3a687b0
SHA256

c33bab1215884c4f1eca21fa3d3079ebe141ca72fd9d2214e7f9ee2e507a1abb
SHA512

7c89c01031735bfcb59e1c7c463bbc8021344b242ce78eea74a47e6ba097a4041041cbc01dc69c9659e4897c5e07c11e83b96d871511d4ab6713fa499a90fd1d
SSDEEP

3072:Ejg06dfYVscpikfdlOhlgDE8IU1pzQc/w/7KAZM/JuL:Mt6dfW3Fd3DH1pFw7K04M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1b8e36007d1e955999c6c5927c3db1d_JaffaCakes118

Files

f1b8e36007d1e955999c6c5927c3db1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b82e176a46bdeeeff5f122048dc3a402

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\yvugusy\Buzezan.pdb

Imports

ole32

OleCreate
CoInitialize
StgCreateDocfile
CoSuspendClassObjects
CoUninitialize
OleInitialize
OleSetContainedObject

version

GetFileVersionInfoW
VerQueryValueW

uxtheme

GetThemeTextExtent
DrawThemeBackground
GetThemeBackgroundRegion
CloseThemeData

setupapi

SetupFindFirstLineW
SetupGetLineTextW
SetupFindNextLine
SetupCloseInfFile

kernel32

HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
WideCharToMultiByte
GetLocaleInfoA
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
EnterCriticalSection
GetProfileStringW
CloseHandle
OpenMutexW
VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapSize

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b82e176a46bdeeeff5f122048dc3a402

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

version

uxtheme

setupapi

kernel32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 68KB - Virtual size: 518KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 68KB - Virtual size: 518KB