b5bd0e8bc68aec67995e8ffb13020c8a_JaffaCakes118

General

Target

b5bd0e8bc68aec67995e8ffb13020c8a_JaffaCakes118
Size

368KB
MD5

b5bd0e8bc68aec67995e8ffb13020c8a
SHA1

3f080b810f6659a1ef805d2f438e744aa11d24b3
SHA256

120938c23bde3b61a50448390bbf5d0e2bc35097e5b17f518f70578c104a492d
SHA512

81bad2dc763851c1f6bb9f8d4b98fbc97b54d6f93aa50b532649202b6495f477a00cd5e168ee9aa6b24570b98774cde152f645ee219a91a18d60e5255ae29755
SSDEEP

6144:AheChRnliahLpjtf4xGY5RZK0Kaw3reAvb2IqGxqmvCMe0K7TBSsskt8eWMu:AhhhRli+Lpjtf4xGY5RM0KamCOxRe0KK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5bd0e8bc68aec67995e8ffb13020c8a_JaffaCakes118

Files

b5bd0e8bc68aec67995e8ffb13020c8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

271c65cb601f3247ced94f5c65a232c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
OpenSemaphoreW
HeapDestroy
SetVolumeLabelW
RtlUnwind
WritePrivateProfileStringA
TlsFree
GetCurrentProcess
GetProcAddress
VirtualAlloc
WriteConsoleW
UnhandledExceptionFilter
HeapReAlloc
CreateMailslotW
GetThreadPriorityBoost
ReleaseMutex
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
ReadConsoleOutputA
GetProfileIntA
EnumSystemLocalesW
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
SetLastError
HeapLock
GetConsoleCursorInfo
QueryPerformanceCounter
SetLocalTime
FreeEnvironmentStringsA
GetDriveTypeW
VirtualQuery
GetCurrentThreadId
HeapAlloc

comdlg32

ChooseColorA
LoadAlterBitmap
GetOpenFileNameA
GetFileTitleA
ChooseColorW
FindTextA
PrintDlgA

advapi32

LookupAccountNameA
CreateServiceW
RegEnumKeyA
CryptHashData
RegSetValueA
CryptSetProviderExW
RegCreateKeyExA
CryptEnumProviderTypesA
DuplicateTokenEx
ReportEventA
CryptSetProvParam
AbortSystemShutdownW
RegConnectRegistryW
RegSetKeySecurity
RegSetValueExW
InitializeSecurityDescriptor
CryptEnumProvidersA
RegQueryMultipleValuesW
RegDeleteValueW
LookupPrivilegeNameW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

271c65cb601f3247ced94f5c65a232c7

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

Sections

.text Size: 97KB - Virtual size: 96KB

.data Size: 262KB - Virtual size: 262KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 97KB - Virtual size: 96KB

.data
Size: 262KB - Virtual size: 262KB

.rsrc
Size: 8KB - Virtual size: 7KB