Static task
static1
Behavioral task
behavioral1
Sample
bb7a3b38960bf62eefb94d5c7b78eff2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bb7a3b38960bf62eefb94d5c7b78eff2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bb7a3b38960bf62eefb94d5c7b78eff2_JaffaCakes118
Size
2.0MB
MD5
bb7a3b38960bf62eefb94d5c7b78eff2
SHA1
fc046a2475e904ca87f10891b3ecf1370d8abdb6
SHA256
3b3494a0f39ce3bb5731294ac6e24df1c3b84cf40adf12066177665e4c5bf8fc
SHA512
b0f60ec84ae8c67a357b7c91669c18f37faeb9c1a1009099cbbb9b7f38512dfb0482c7e79d68688236100141008a99ffa4a79483292fb3c9e460571a58e1f49c
SSDEEP
49152:C3m8L+XfCHFrmFutPW9eJp6B7m9A9Fx9ny53V/MpMqtTk5:C28L4CHFrmFutPvpQ7EoFxyGxA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb7a3b38960bf62eefb94d5c7b78eff2_JaffaCakes118
Files
bb7a3b38960bf62eefb94d5c7b78eff2_JaffaCakes118.exe windows:4 windows x86 arch:x86
350d0040c35918dd2247358b59955f33
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetConsoleTitleA
GetCommState
SetSystemTime
FindNextChangeNotification
GetProcessHeap
GlobalDeleteAtom
PeekNamedPipe
GetStringTypeExW
GetTickCount
GlobalAddAtomA
TryEnterCriticalSection
FindFirstFileW
SwitchToFiber
GetOverlappedResult
GlobalAddAtomW
SetCurrentDirectoryA
SetEndOfFile
RemoveDirectoryW
GetHandleInformation
SetThreadLocale
CompareStringW
SetCommMask
GetDiskFreeSpaceW
EnumResourceLanguagesW
GetLogicalDriveStringsA
FileTimeToLocalFileTime
FindFirstFileExW
lstrcmpiW
ScrollConsoleScreenBufferA
GetCommandLineW
PurgeComm
GetPrivateProfileSectionW
SetCommTimeouts
ExitProcess
SetErrorMode
MoveFileExA
IsDBCSLeadByteEx
LocalReAlloc
advapi32
GetSecurityDescriptorDacl
GetCurrentHwProfileW
BuildTrusteeWithSidW
CloseServiceHandle
RegSetValueW
IsTextUnicode
CryptReleaseContext
AllocateAndInitializeSid
RegQueryValueExA
CryptImportKey
RegCreateKeyW
CryptGenRandom
AbortSystemShutdownW
SetServiceStatus
GetSidSubAuthorityCount
RegUnLoadKeyW
ole32
CoFreeAllLibraries
CoImpersonateClient
StgSetTimes
CoUninitialize
version
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
user32
GetClipCursor
SetKeyboardState
GetMenuItemID
CharUpperA
wsprintfW
SetSysColors
LoadImageW
IsRectEmpty
AppendMenuW
GetKeyboardLayoutNameW
IsCharUpperA
RegisterDeviceNotificationW
ValidateRect
GetKeyboardState
GetWindow
TabbedTextOutW
SetClipboardViewer
msvcrt
_wmakepath
_mbsdec
strstr
time
rename
_popen
puts
bsearch
iswdigit
wcstok
fwprintf
_mbctoupper
_putenv
iswctype
swprintf
ftell
_finite
_sleep
_wspawnvp
Sections
.text Size: 5KB - Virtual size: 221KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 512B - Virtual size: 18B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ