b249bcf741e076f11b6c9553f6104f16_JaffaCakes118

General

Target

b249bcf741e076f11b6c9553f6104f16_JaffaCakes118
Size

368KB
MD5

b249bcf741e076f11b6c9553f6104f16
SHA1

f5c3dd7e2a31633c2ef41d862340b5f093679b8f
SHA256

29fc21a0c2cb5bc631a730f9fb1379ca9847746d1dc1f30c99598f7c96874e86
SHA512

67f59bc5e558bf5ab3f55a6bee7780c63bc68ce1aa48112e9535a91bf178494e21ab1c396845d2bbf23d564f7c36031ee8d9f8986f36442d1a7fd88ebd057fac
SSDEEP

6144:XM/3tptCmTJay6oVSYuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuTuuuuuuuuuuuV:G5uuuuuuuuuuuuuuuuuuuuuuuuuuuuue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b249bcf741e076f11b6c9553f6104f16_JaffaCakes118

Files

b249bcf741e076f11b6c9553f6104f16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f030616db45195b12b363b51d347e798

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageTimeoutA
CharLowerA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

SHGetSpecialFolderPathA
SHChangeNotify

ole32

CoInitialize
CoCreateInstance

msvcrt

_access
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
malloc
free
realloc
_msize
atoi
fprintf
exit
fscanf
strchr
sprintf
strrchr
fopen
fwrite
fclose
fread
fseek
toupper
__CxxFrameHandler
_controlfp

kernel32

GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetFileSize
ReadFile
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
EnumResourceNamesA
LoadLibraryExA
FreeLibrary
FindResourceA
SizeofResource
LoadResource
GlobalAlloc
LockResource
WriteFile
GlobalFree
MultiByteToWideChar
CreateProcessA
CreateFileA
GetSystemTime
SystemTimeToFileTime
SetFileTime
CreateDirectoryA
GetLocalTime
FindFirstFileA
lstrcmpiA
DeleteFileA
CopyFileA
SetFileAttributesA
GetModuleFileNameA
GetFileAttributesA
FindNextFileA
FindClose
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
SetFilePointer
GetDriveTypeA
OpenMutexA
Sleep
GetTickCount
CloseHandle
LoadLibraryA
CreateEventA
SetErrorMode
WaitForSingleObject
SetEvent

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f030616db45195b12b363b51d347e798

Headers

File Characteristics

Imports

user32

advapi32

shell32

ole32

msvcrt

kernel32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 344KB - Virtual size: 343KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 344KB - Virtual size: 343KB