b8cd56ce63e1a60a41934ad56a5c8e5a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8cd56ce63e1a60a41934ad56a5c8e5a_JaffaCakes118
Size

44KB
MD5

b8cd56ce63e1a60a41934ad56a5c8e5a
SHA1

9b09acdb90557eacb7f74f2b04ab1b3d360978c1
SHA256

5b6f29d47d6ce9842d35c3b11ff1d04681b2675f7b98836eb938592861f114e2
SHA512

b6cc9be0c8472b364d97b3d9b87a495a0787351a72cc97b1098534f5c1d029efff4118dfd8ba7a74843a3509d415fd5a321084198cedbd1238491a3b797b6df4
SSDEEP

384:qAG+4NbbFyDdf/7oxqUNJeLVHFCoJB6nFnzAcoFSQ8Ft57ifdra:f4NeLoxqUzoVlCoJByFnMco2F37sdra

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8cd56ce63e1a60a41934ad56a5c8e5a_JaffaCakes118

Files

b8cd56ce63e1a60a41934ad56a5c8e5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3286e6bdbce0bf95d72828f930d3f9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA

kernel32

GetLastError
OutputDebugStringA
CloseHandle
lstrcmpiA
Sleep
WaitForMultipleObjects
SetThreadPriority
GetCurrentThread
DeviceIoControl
CreateEventA
CreateThread
WaitForSingleObject
SetEvent
CreateFileA
lstrcatA
lstrcpyA
MultiByteToWideChar
GetWindowsDirectoryA
LCMapStringA
VirtualQuery
InterlockedExchange
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo
VirtualProtect
CreateProcessA
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

CreateWindowExA
RegisterClassExA
PostMessageA
GetMessageA
DispatchMessageA
TranslateMessage
RegisterDeviceNotificationA
PostQuitMessage
SetWindowLongA
DefWindowProcA
UnregisterDeviceNotification
FindWindowA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d3286e6bdbce0bf95d72828f930d3f9f

Headers

File Characteristics

Imports

setupapi

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.sxdata Size: 4KB - Virtual size: 24B

.rsrc Size: 4KB - Virtual size: 32KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.sxdata
Size: 4KB - Virtual size: 24B

.rsrc
Size: 4KB - Virtual size: 32KB