b2fb56f76f78f849b6bcdf2dfb09ad25_JaffaCakes118

General

Target

b2fb56f76f78f849b6bcdf2dfb09ad25_JaffaCakes118
Size

383KB
MD5

b2fb56f76f78f849b6bcdf2dfb09ad25
SHA1

c5b39c60bd56a95e74ae04ed1895a863bd70ae7b
SHA256

d9af08e899057edb9b74461fa22372cf46886f238e1eb3e35fdf9046389f701d
SHA512

440eb6021047a45ab9960068b5011356ca337deb9f32e27af0eaa764db554290f30348a6cf6811a9c434c96ae482345210e6d845ab4086e81d9d586bf416dbea
SSDEEP

6144:qe0KpV3hMyRrgkFaTV/YaYEeVvsPrNTxzEuBD1SUpZR5Oqk6HiVpw4+HZ5f6:JjMYrgKax/YHEeVvsDNdzEM1SQvPCVm1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2fb56f76f78f849b6bcdf2dfb09ad25_JaffaCakes118

Files

b2fb56f76f78f849b6bcdf2dfb09ad25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b2848bedaafc2679005771096695ac68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

PropSysFreeString
CoInitialize
CoRevokeClassObject
OleSave
CoCancelCall
CLIPFORMAT_UserUnmarshal

kernel32

GetModuleHandleA
SetThreadPriority
GetStartupInfoA
WriteProfileSectionW
VirtualProtect
BuildCommDCBA
GetPriorityClass
GetCommandLineA
GetLongPathNameW
CreateHardLinkA
DeleteVolumeMountPointA
GetLongPathNameW
GetTimeZoneInformation
DisableThreadLibraryCalls
QueryDosDeviceA

msvcrt

_wspawnle
localtime
system
__fpecode
atoi
_wsearchenv
_cgets
_wexecve
_ungetch
__p__environ

advapi32

QueryAllTracesA
RegSetValueW
SetEntriesInAuditListW
GetSidIdentifierAuthority
StartTraceA
GetSidIdentifierAuthority
WmiMofEnumerateResourcesA
WmiSetSingleInstanceA
SystemFunction003

user32

FindWindowExA
GetSubMenu
GetGUIThreadInfo
EnableMenuItem
DrawFocusRect
DdeConnect
GetKeyNameTextW
ShowCaret

gdi32

GdiEntry12
SelectClipRgn
GdiEntry13
ChoosePixelFormat
GdiCreateLocalMetaFilePict

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2848bedaafc2679005771096695ac68

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

msvcrt

advapi32

user32

gdi32

Sections

.text Size: 379KB - Virtual size: 379KB

.data Size: 2KB - Virtual size: 541KB

.rsrc Size: 1024B - Virtual size: 972B

.text
Size: 379KB - Virtual size: 379KB

.data
Size: 2KB - Virtual size: 541KB

.rsrc
Size: 1024B - Virtual size: 972B