6952809a53ba93fb930dfc1cd15f9592_JaffaCakes118

General

Target

6952809a53ba93fb930dfc1cd15f9592_JaffaCakes118
Size

4.5MB
MD5

6952809a53ba93fb930dfc1cd15f9592
SHA1

1d83ec0713e5564eef4b0cd582f2ebd895581499
SHA256

6facc7632fd7829b7591b505194a68813b23fda7e9e70b2f224c77fd8fb8ddd3
SHA512

697a03214ce23a35e83ba0fd58f72e9649db6a258cbe448129d36b75d01f2944d99e52e087a234aafa21a2950e9e00d3ebdb0c5cb0eec1e411008dbe97f69161
SSDEEP

98304:OAxe9XNy0pojmTCUtIni9TptDCOjXyr62UhN+6uXmh41rY:BxeXLuj4Ig20hN+6uwirY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6952809a53ba93fb930dfc1cd15f9592_JaffaCakes118

Files

6952809a53ba93fb930dfc1cd15f9592_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7c1bb15c576de5e2781b83c9f855e60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileExA
SetUserGeoID
RemoveDirectoryA
CreateMutexA
DeviceIoControl
SetConsoleLocalEUDC
GetComPlusPackageInstallStatus
GetProcessShutdownParameters
BeginUpdateResourceA
IsValidLocale
UnregisterWaitEx
OpenMutexA
GetWindowsDirectoryA
FindFirstVolumeA
BeginUpdateResourceA
GetTempPathA
WriteConsoleOutputCharacterW
GetThreadSelectorEntry
DeleteFileA
GetLogicalDriveStringsA
WritePrivateProfileSectionA
TerminateProcess
OpenFileMappingA
VirtualAlloc
GetPrivateProfileStructA
GetModuleHandleA
SetMailslotInfo
GetProfileSectionA
_llseek
MoveFileWithProgressA
SetEndOfFile
SetConsoleScreenBufferSize

user32

UnregisterDeviceNotification
DdeGetLastError
GetMenuStringA
IsRectEmpty
UpdatePerUserSystemParameters
SendMessageTimeoutW
EndTask
IsDialogMessageA
SetLayeredWindowAttributes
SetMessageExtraInfo
LoadKeyboardLayoutEx
CharToOemBuffA
GetCursorInfo
IsCharAlphaNumericA
DlgDirListComboBoxA
DlgDirSelectExA
GetWindowPlacement
DdeNameService
SetWindowLongA
SetKeyboardState
SetMessageQueue
GetMessageTime

Sections

.text
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7c1bb15c576de5e2781b83c9f855e60

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: - Virtual size: 3.4MB

.data Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 3.5MB - Virtual size: 3.5MB

.text
Size: - Virtual size: 3.4MB

.data
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 3.5MB - Virtual size: 3.5MB