b6e7c7129f25bd8c18604464f52d4429_JaffaCakes118

General

Target

b6e7c7129f25bd8c18604464f52d4429_JaffaCakes118
Size

28KB
MD5

b6e7c7129f25bd8c18604464f52d4429
SHA1

4f932ca7b4f33ae4521cd2420f0446dc4216adbc
SHA256

5e7d63f6e1e78e370690b4d1d417a2f8a76a87e1f52e1a4a84e38a2715985aa0
SHA512

86f295778702fc5f3cfd2bd29ed816386a8a5ee1d65aa87476eb44440aeaa60a7fb3fbec5b5fa3b9104d1322b2d653ef06ea7dda6768cc536c192db009c874b9
SSDEEP

192:eY6/NpQ4/0wki6Efu/OnTm7aYluL4oyntMtfIQd5t5vP9L2i6kq0qLXJBK9sThOc:eYqQcyR/s45I4XMdT52xkq0qLqGOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6e7c7129f25bd8c18604464f52d4429_JaffaCakes118

Files

b6e7c7129f25bd8c18604464f52d4429_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d62007ca7af8b5ea05c82909de1cd665

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4234
ord6215
ord2864
ord1168
ord800
ord2764
ord537
ord2818
ord540
ord2820
ord4160
ord3811
ord825

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_onexit
__dllonexit
malloc
free
_splitpath
_mbsicmp
__CxxFrameHandler
_purecall
_controlfp

kernel32

DeviceIoControl
lstrcmpiA
CreateProcessA
lstrcatA
CreateFileA
CreateThread
WideCharToMultiByte
GetLastError
CloseHandle
SetEvent
WaitForSingleObject
CreateEventA
GetModuleHandleA
GetModuleFileNameA
WaitForMultipleObjects
lstrcpyA

user32

UnregisterDeviceNotification
RegisterDeviceNotificationA
wsprintfA
GetParent

advapi32

OpenSCManagerA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
SetServiceStatus
DeleteService
OpenServiceA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
CreateServiceA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInterfaceA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d62007ca7af8b5ea05c82909de1cd665

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

setupapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 568B

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 568B

.rsrc
Size: 8KB - Virtual size: 4KB