b5b0ccd71de3bad765decb75bd2b1d28_JaffaCakes118

General

Target

b5b0ccd71de3bad765decb75bd2b1d28_JaffaCakes118
Size

52KB
MD5

b5b0ccd71de3bad765decb75bd2b1d28
SHA1

65da7164d1a43a4d9d8ae28a6c0ce79cea323dd0
SHA256

7c35157816de7fdb699a36af28d65cac7576c1bfec080074c0346b9a89d3a6b4
SHA512

48fc40c438b38cd381ae16321e7b5e2a4ca8e33cc0275a9b2c8f177ea904967d046f4d01c2679f59a72cd58a6aec9dfcbbc7bca5755bce2715412711998c0f16
SSDEEP

768:qx/K7iGJPNy1qIQN9WyzKvp6hXob7zKYpG1UZkwjrfeqt0y:H7i6gwrKvfvze2fFt0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5b0ccd71de3bad765decb75bd2b1d28_JaffaCakes118

Files

b5b0ccd71de3bad765decb75bd2b1d28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f9ccf3b7c080a6838acd2c29cb33044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleFileNameA
GetCurrentThreadId
FreeLibrary
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
GetSystemDirectoryA
ReadFile
SetFilePointer
GetLastError
lstrcmpiA
SetLastError
VirtualQueryEx
ReadProcessMemory
GetThreadContext
TerminateProcess
ResumeThread
GetFileAttributesA
WriteProcessMemory
GetModuleHandleA
VirtualProtectEx
VirtualAllocEx
VirtualAlloc
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
IsBadCodePtr
GetStringTypeW
IsBadReadPtr
Sleep
GetCommandLineA
GetWindowsDirectoryA
lstrcatA
DeleteFileA
MoveFileA
CreateThread
LoadLibraryA
GetProcAddress
lstrlenA
GetTempPathA
SetThreadContext
CreateProcessA
HeapReAlloc
HeapAlloc
RtlUnwind
GetStartupInfoA
GetVersion
HeapFree
VirtualFree
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter

user32

SetCursorPos
mouse_event
GetForegroundWindow
GetWindowLongA
GetClassNameA
GetWindowRect
GetCursorPos
GetInputState
PostThreadMessageA
GetMessageA
OpenDesktopA
CreateDesktopA
wsprintfA

advapi32

RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
ControlService
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
StartServiceA
CloseServiceHandle
QueryServiceStatus
CreateServiceA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5f9ccf3b7c080a6838acd2c29cb33044

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB