69b3974bcdf6a7a1d55379bd0c07dd25_JaffaCakes118

General

Target

69b3974bcdf6a7a1d55379bd0c07dd25_JaffaCakes118
Size

139KB
MD5

69b3974bcdf6a7a1d55379bd0c07dd25
SHA1

ad9f428ebb4065c996011535b44bfbc354d3306b
SHA256

3bea8cf7288a495bdd628a884c5bdc957310f9b307db6145ba2691c0b4a57fb6
SHA512

62b1b256208fa4f92464d0ea9a425db1f7ab9beb089e44c714e90ef1222a66d4d49cca3de74d845da3035e9aabaa3490aa354440f8bcedfa2bee2545b6763bfd
SSDEEP

3072:Zax4N/NjtMC3Lf9S5buUSwwsZJQ17oWU361WmhsmW3+Bo89N:8ILfEbuzwZGM/MWmhst989

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69b3974bcdf6a7a1d55379bd0c07dd25_JaffaCakes118

Files

69b3974bcdf6a7a1d55379bd0c07dd25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c61ad21c3adc8cd21e3759f4bc9810b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComPlusPackageInstallStatus
OpenJobObjectA
GetCommandLineW
ReleaseMutex
WriteConsoleInputA
VirtualFree
GetConsoleKeyboardLayoutNameA
ProcessIdToSessionId
GetCompressedFileSizeA
GetModuleHandleA
GetCommandLineA
GetWindowsDirectoryA
GetThreadContext
ClearCommError
GlobalFindAtomA
DuplicateHandle
GetModuleHandleA
RequestWakeupLatency
GetStartupInfoA
SetHandleContext
GetConsoleTitleA
SetEvent
UnlockFile
GlobalAddAtomA
Module32First
GetSystemDirectoryA
VirtualAlloc
GetThreadPriorityBoost
SetComputerNameExW
ExpandEnvironmentStringsA
EnumResourceLanguagesA
CreateDirectoryExA
GetProcessHandleCount
AllocConsole
HeapCompact
GetFileType
SetVolumeMountPointA
GetSystemDirectoryA
FindVolumeClose
CompareStringA
EnumSystemLanguageGroupsA

ntdll

RtlGetLastWin32Error

Exports

Exports

Bttsokf
CloseDsxjswdm
OpenWuohfugq
Gochprpjay
WriteTahxjdeup
Okoqoerao
Vhdqehbeeq
Pfdvpnfwpu
AddMnlivqgoh
Lpggxnly
CloseIegekcmri
EndGoiagquu
Qqxmwsfnw
Xeetvmrkvt
ReadWgabqaphlur
CloseWifxhutio
Uylbgslmviy
EndPfxasbeh
Xbovsfddao
Orrkdaktnwi

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c61ad21c3adc8cd21e3759f4bc9810b9

Headers

File Characteristics

Imports

kernel32

ntdll

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 81KB

.idata Size: 2KB - Virtual size: 144KB

.rsrc Size: 54KB - Virtual size: 54KB

.text
Size: 81KB - Virtual size: 81KB

.idata
Size: 2KB - Virtual size: 144KB

.rsrc
Size: 54KB - Virtual size: 54KB