b5bf0b0cdf10a4ef5a8259a3916b69ba_JaffaCakes118

General

Target

b5bf0b0cdf10a4ef5a8259a3916b69ba_JaffaCakes118
Size

60KB
MD5

b5bf0b0cdf10a4ef5a8259a3916b69ba
SHA1

bdcf078cb097f9c09f2923fb07f56bb8f036d32d
SHA256

93547fff6dab77c89dd8f178cbd4e6d92a9417528f5c7784872f2fd24a131077
SHA512

89a4cdc181062bc4b14d52a4fd929adb330b92e13d93ebf395cb7b99f996aad5f455edc70581826a12b1e9cbe3fba2e0ce152e3fdc440dd8f48f6dd02bed868f
SSDEEP

768:Fzp4hwhYMZaDsJqVCm2G1TL2cdhJmaTnudwmqMJKGDto7u2wCvuKgfE:FzdEDsaTLhhJmaTnUJzoS2Rvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5bf0b0cdf10a4ef5a8259a3916b69ba_JaffaCakes118

Files

b5bf0b0cdf10a4ef5a8259a3916b69ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3f6643d99ad36d95497fd78125042e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
CloseHandle
GetProcAddress
GetModuleHandleA
SetPriorityClass
OpenProcess
WaitForSingleObject
TerminateProcess
GetCurrentProcessId
WaitForMultipleObjectsEx
Sleep
GetCurrentProcess
lstrcmpiA
GetPriorityClass
lstrcpyA
GetLastError
UnmapViewOfFile
lstrcpynA
MapViewOfFile
CreateFileMappingA
CreateFileA
LoadLibraryA
GetEnvironmentVariableA
VirtualQueryEx
GetEnvironmentStringsW
GetCommandLineW
ReadProcessMemory
WideCharToMultiByte
HeapFree
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
ReadFile
GetStringTypeW
GetStringTypeA
SetEndOfFile
SetFilePointer
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
ExitProcess
RtlUnwind
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

user32

SetForegroundWindow
CharNextExA
wsprintfA
GetWindowLongA
GetWindowTextA
SendMessageA
GetDesktopWindow
GetWindow
GetWindowThreadProcessId

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3f6643d99ad36d95497fd78125042e6

Headers

File Characteristics

Imports

kernel32

user32

version

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 22KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 22KB