b288c7afadb2bccc6cf27f1ed8f2a7d3_JaffaCakes118

General

Target

b288c7afadb2bccc6cf27f1ed8f2a7d3_JaffaCakes118
Size

775KB
MD5

b288c7afadb2bccc6cf27f1ed8f2a7d3
SHA1

a5948e362f1a6029689774c61f160ecc49740658
SHA256

42ec9a44c6c54e98f6f0aa664eb22cee9807c3957efdb2d2d2902945004c359e
SHA512

2ffc120cad78335c5522d927241aa74adc0286af447f44f215d91009d55b708b6c7ad58fccf0c188e8ec146705d036e50dcbfcb9f2c99e2b534e023368e5928d
SSDEEP

24576:mZ5pannUnxNYJZC8N/q4+ea2DRjFfCJx:mHpanneTAsY/ql52D5BC3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b288c7afadb2bccc6cf27f1ed8f2a7d3_JaffaCakes118

Files

b288c7afadb2bccc6cf27f1ed8f2a7d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f0baf70e2acaed629bbc05b6079ef90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadConsoleA
GetLastError
GetStartupInfoW
GetModuleHandleA
FormatMessageA
GetCurrentDirectoryW
ReadConsoleA
ReleaseMutex
ReadConsoleA
FindResourceA
CreateMutexA
HeapCreate
GetFileTime
CloseHandle
lstrcpyA
IsValidLocale
GetFileSize
ReadFile
IsBadStringPtrW
SetFileAttributesA
lstrcpyW

msi

MsiCreateRecord
MsiAdvertiseProductA
MsiCloseHandle
MsiCloseAllHandles

user32

SetCursorPos
GetWindowTextA
PostMessageW
LoadCursorW
PeekMessageW
IsCharLowerA
DispatchMessageA
IsWindow
wsprintfW
GetWindowLongW
IsZoomed
SetFocus
IsDialogMessageA

wldap32

ldap_add

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7f0baf70e2acaed629bbc05b6079ef90

Headers

File Characteristics

Imports

kernel32

msi

user32

wldap32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 766KB - Virtual size: 2.1MB

.text1 Size: 1024B - Virtual size: 263B

.data1 Size: 512B - Virtual size: 224B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 766KB - Virtual size: 2.1MB

.text1
Size: 1024B - Virtual size: 263B

.data1
Size: 512B - Virtual size: 224B