b9e5b771c3cb78dccfa550756a39ba14_JaffaCakes118

General

Target

b9e5b771c3cb78dccfa550756a39ba14_JaffaCakes118
Size

603KB
MD5

b9e5b771c3cb78dccfa550756a39ba14
SHA1

5ad070a71fe192a9c5ada14d016fc70f017be383
SHA256

309b29e947d1fc1e5b8e5f3b7d1f734f61e4ecd4fd6287a7f25a261c553fe244
SHA512

141fdcec3d6b7d7643489f60f62bb64b377e389276d38e0de4adb9d0119ad83cab260c92b7155246e25fd59891043f88a2ae1a2f3783229ccbfb4bb2dc7594e7
SSDEEP

12288:sbqsikWffJFopGwZ/8Zadq61u+EaLvCIU++r66PG7zZIYrI8cLj0URN1WQ2t:qqsTmf8p/6adq6MOvd+OzZzM8k1P1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9e5b771c3cb78dccfa550756a39ba14_JaffaCakes118

Files

b9e5b771c3cb78dccfa550756a39ba14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
LoadIconA
OemToCharA
DeleteMenu
PostMessageA
SendMessageA
SetMenuInfo
UpdateWindow

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerQueryValueW
VerFindFileW
GetFileVersionInfoA

rpcrt4

tree_into_ndr
short_array_from_ndr
RpcObjectSetInqFn
RpcNsBindingInqEntryNameA
RpcMgmtSetServerStackSize
RpcBindingVectorFree
RpcBindingSetAuthInfoA
RpcBindingInqAuthClientExA
MesHandleFree

crtdll

fmod
_exit
_finite
_fpieee_flt
_isnan
isalpha
rand
swscanf
wcsxfrm

ntdll

DbgUserBreakPoint
LdrLoadDll
NtQuerySystemTime
NtSetInformationObject
RtlCreateSecurityDescriptor
RtlNtStatusToDosError
RtlStartRXact
RtlUniform
RtlUpperString
ZwAlertThread

kernel32

WriteProfileSectionW
VerLanguageNameA
SetLastError
SetCommTimeouts
PurgeComm
OpenJobObjectW
OpenEventW
LoadLibraryExA
LeaveCriticalSection
LCMapStringA
IsDBCSLeadByte
HeapAlloc
GlobalUnfix
GetTickCount
GetThreadTimes
GetQueuedCompletionStatus
GetPriorityClass
GetFileSize
GetDefaultCommConfigA
GetCommandLineA
FreeConsole
ExitProcess
DisableThreadLibraryCalls
DeleteFileA
CreatePipe

Exports

Exports

CytTHxriHl
NrPbkytfqF
Yivuo
awftv
isXuw
qbbbyuLzibyerjgi
sxukyqmvtqieBNelv
vplmuavs
wzaOmbfs
xlllqchpxchzxiwIc
yztTqXwgkWiikb

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 510KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

Imports

user32

version

rpcrt4

crtdll

ntdll

kernel32

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.data Size: 510KB - Virtual size: 511KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 41KB - Virtual size: 40KB

.data
Size: 510KB - Virtual size: 511KB

.rsrc
Size: 51KB - Virtual size: 51KB