a5d6966406f592bd9afe1d9275d93414_JaffaCakes118

General

Target

a5d6966406f592bd9afe1d9275d93414_JaffaCakes118
Size

71KB
MD5

a5d6966406f592bd9afe1d9275d93414
SHA1

89c7935d473809412d4ac8bf3e01abe97c56bb03
SHA256

a1abf1d3d8c0d5aa43a5ab991522d2a6fcd16c538901e075e2c71e1d84598b9c
SHA512

478222458b178159e95f977c5cd5d12faff33fc0fc51a6e6ccd58306e861bf5d240ce0d7911a7a9dbbda7d73d308857df051866a7d8e498fac9e7188f2f9e4a7
SSDEEP

1536:HX3Xioeax1gYeHa1RhV+lDqEPf27DC7+ubndA+:HSJ41Ka1RhV+lOEPf27W6sndA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5d6966406f592bd9afe1d9275d93414_JaffaCakes118

Files

a5d6966406f592bd9afe1d9275d93414_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c37ba8e01616d99cf67ad679c1dd9eeb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisconnectNamedPipe
VirtualAlloc
GetProcessId
GetConsoleWindow
WritePrivateProfileStructA
GetConsoleMode
IsDebuggerPresent
GetWriteWatch
GetNamedPipeHandleStateA
GetLastError
WriteProcessMemory
GetExitCodeThread
FindFirstFileExA
GetConsoleTitleA

user32

GetActiveWindow
GetKBCodePage
GetRawInputData
DrawIcon
EndMenu
PostThreadMessageW
IsZoomed
SetWindowLongA
EnableMenuItem
CharPrevExA
CallWindowProcA
RealGetWindowClass
HideCaret

Exports

Exports

Lsukqqnu
Fqbcjcw
Eqtrcfo
IsYknctxu
WriteAmttpqehbhe
InitMxcqvla
Ssluwlukx
Cicnmbmw
Nkrsrxju
Hqrosvelhim
Jvkukmikmn
InitAixkwyaxbt
Hibxdikjnx
Sfggucbnpc
OpenPmckxoso
Dkyaaoqjqs
Kyfssesnfi
EndVyoohtp
AddBitaiswnaot
Ynlinfnmmb

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c37ba8e01616d99cf67ad679c1dd9eeb

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 512B - Virtual size: 81KB

.data Size: 1024B - Virtual size: 688B

.edata Size: 512B - Virtual size: 488B

.idata Size: 11KB - Virtual size: 11KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 512B - Virtual size: 81KB

.data
Size: 1024B - Virtual size: 688B

.edata
Size: 512B - Virtual size: 488B

.idata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 20KB - Virtual size: 20KB