b52bd516f8a9abddc92ffbed3d14d52e_JaffaCakes118

General

Target

b52bd516f8a9abddc92ffbed3d14d52e_JaffaCakes118
Size

86KB
MD5

b52bd516f8a9abddc92ffbed3d14d52e
SHA1

02773cc03c5f0e8d9d29f54a284aeef12564d947
SHA256

3ebe878108a1caa7a32a2670f78231619861ef86c2307cb639b0f83ca18b780f
SHA512

3a76626a9b756865201a84901938c3a27208605573c681a7c285aaeaa7d2aaafa0cb22384f5763f3eda1981f4671d086d4e8b43b4c421b69cd78dd8496314e9a
SSDEEP

1536:smNacBkA3gS+6blzh0nwSQE90OWTaACSPY5NEzjCesXMgRC5CostGahWeoeJBzUs:ljkA39+6/M9TWTaMPY5N6CeGRaCo9WWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b52bd516f8a9abddc92ffbed3d14d52e_JaffaCakes118

Files

b52bd516f8a9abddc92ffbed3d14d52e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6906dccce72c8c996aec6129f6e6cc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCommandLineA
SetUnhandledExceptionFilter
WritePrivateProfileStringA
GetCurrentThreadId
SetFilePointer
Sleep
DeleteFileA
SetLastError
lstrcpyA
GlobalAlloc
LocalFileTimeToFileTime
SetFileTime
lstrlenA
GetStartupInfoA
GetCurrentProcess
Process32Next
ExitProcess
CreateFileA
WriteFile
CloseHandle
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit
??1type_info@@UAE@XZ
strstr
__CxxFrameHandler
time
srand
rand
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
strcat
memset
strchr
strcpy
strlen
malloc
realloc
_except_handler3
_XcptFilter
_strcmpi

advapi32

ControlService
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegRestoreKeyA
RegSaveKeyA
CloseServiceHandle
StartServiceA
OpenServiceA
OpenSCManagerA

user32

BlockInput
keybd_event
FindWindowA
GetForegroundWindow
GetWindowThreadProcessId
IsCharAlphaNumericA
GetFocus
AttachThreadInput

shell32

SHGetSpecialFolderPathA
ShellExecuteA

dbghelp

MakeSureDirectoryPathExists

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6906dccce72c8c996aec6129f6e6cc2

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

shell32

dbghelp

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 37KB - Virtual size: 37KB

.rsrc Size: 34KB - Virtual size: 36KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 34KB - Virtual size: 36KB