ba283a2d9d1c7ddcb38b71df2ad449c2_JaffaCakes118

General

Target

ba283a2d9d1c7ddcb38b71df2ad449c2_JaffaCakes118
Size

212KB
MD5

ba283a2d9d1c7ddcb38b71df2ad449c2
SHA1

0bfe2b225790762b92848b6e0a5a8f76360b62ff
SHA256

1c5fcdcdd744af1321c47a9a6972d920d16b3c6d46ebeae76639142b4f3fb92a
SHA512

815adb3cd198868628c80934e55b0079379fef379c6446658091ba3dd61b1b010a99a2b2caa6a973a01c25688118ce4d0642d4d8a13a222f15c64100f14d117b
SSDEEP

3072:+xhATOey58mOXk1Xh5Q2Mg+kgMnCE0Ee4:tXa8a1c2MgiOCEr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba283a2d9d1c7ddcb38b71df2ad449c2_JaffaCakes118

Files

ba283a2d9d1c7ddcb38b71df2ad449c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c2538981cfdeb005a3c2d4e7510a4db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SearchPathA
SetUserGeoID
ReadConsoleA
GetCalendarInfoA
GetFileAttributesExA
ReadConsoleA
GetCommandLineA
GetModuleFileNameA
FindNextVolumeMountPointA
GetConsoleCursorMode
DefineDosDeviceA
GetThreadPriority
GetModuleFileNameA
GetConsoleCursorInfo
GetNamedPipeInfo
SetConsoleCursorInfo
GetQueuedCompletionStatus
ExitProcess
IsBadWritePtr
LoadLibraryExA
GetCommandLineW
GetConsoleKeyboardLayoutNameA
WriteConsoleOutputA
GetExitCodeProcess
OpenMutexA
WriteConsoleOutputAttribute

wininet

HttpSendRequestA
InternetConnectA
HttpAddRequestHeadersA
InternetReadFile
HttpQueryInfoA
InternetOpenW
HttpOpenRequestA

user32

GetCursorFrameInfo
SetClipboardData
GetRawInputDeviceInfoA
GetSubMenu
GetKeyboardLayout
GetMonitorInfoA
InflateRect
SetLayeredWindowAttributes
UpdateLayeredWindow
CopyImage
CreateDesktopA
ScrollWindowEx
RegisterTasklist
GetClipboardViewer
GetWindowTextA
DrawTextExW
GetMenuStringA
CopyAcceleratorTableA
EnumPropsA
ChildWindowFromPoint
GetWindowRgn
TileChildWindows

Exports

Exports

Edekxor
Rmahtxy

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 479KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c2538981cfdeb005a3c2d4e7510a4db

Headers

File Characteristics

Imports

kernel32

wininet

user32

Exports

Exports

Sections

.itext Size: - Virtual size: 2KB

.text Size: 200KB - Virtual size: 479KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.itext
Size: - Virtual size: 2KB

.text
Size: 200KB - Virtual size: 479KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB