6efe716a020b188de9c7d8c3fd5813e6_JaffaCakes118

General

Target

6efe716a020b188de9c7d8c3fd5813e6_JaffaCakes118
Size

603KB
MD5

6efe716a020b188de9c7d8c3fd5813e6
SHA1

5e3df45798c244b78018e78afb79e5eff1f42b08
SHA256

108b9ade63097cd5a9c6200abfaf545e89b108cce2687e76e5b1e07ed3eea570
SHA512

db6f5d89c3a3b5b8bba1a8bd3d93c1ae14ede1c22c7bed721e57dee3e837f7a2b3e9a2da54901eb51945759186d16ea3cbbbd8c4adb31ffb473d5a63fe0e8f44
SSDEEP

12288:ofx+v1aUxGPwg5APDGeb4YoF1Or2mwieUNohO39eeQ9iTWnBbgfjit:ofxEBg5APaesYUbmReJCXQ9GWbgfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6efe716a020b188de9c7d8c3fd5813e6_JaffaCakes118

Files

6efe716a020b188de9c7d8c3fd5813e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
LoadIconA
OemToCharA
DeleteMenu
PostMessageA
SendMessageA
SetMenuInfo
UpdateWindow

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerQueryValueW
VerFindFileW
GetFileVersionInfoA

rpcrt4

tree_into_ndr
short_array_from_ndr
RpcObjectSetInqFn
RpcNsBindingInqEntryNameA
RpcMgmtSetServerStackSize
RpcBindingVectorFree
RpcBindingSetAuthInfoA
RpcBindingInqAuthClientExA
MesHandleFree

crtdll

fmod
_exit
_finite
_fpieee_flt
_isnan
isalpha
rand
swscanf
wcsxfrm

ntdll

DbgUserBreakPoint
LdrLoadDll
NtQuerySystemTime
NtSetInformationObject
RtlCreateSecurityDescriptor
RtlNtStatusToDosError
RtlStartRXact
RtlUniform
RtlUpperString
ZwAlertThread

kernel32

WriteProfileSectionW
VerLanguageNameA
SetLastError
SetCommTimeouts
PurgeComm
OpenJobObjectW
OpenEventW
LoadLibraryExA
LeaveCriticalSection
LCMapStringA
IsDBCSLeadByte
HeapAlloc
GlobalUnfix
GetTickCount
GetThreadTimes
GetQueuedCompletionStatus
GetPriorityClass
GetFileSize
GetDefaultCommConfigA
GetCommandLineA
FreeConsole
ExitProcess
DisableThreadLibraryCalls
DeleteFileA
CreatePipe

Exports

Exports

CytTHxriHl
NrPbkytfqF
Yivuo
awftv
isXuw
qbbbyuLzibyerjgi
sxukyqmvtqieBNelv
vplmuavs
wzaOmbfs
xlllqchpxchzxiwIc
yztTqXwgkWiikb

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 510KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

Imports

user32

version

rpcrt4

crtdll

ntdll

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 510KB - Virtual size: 511KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 510KB - Virtual size: 511KB

.rsrc
Size: 51KB - Virtual size: 51KB