bc4395a8c1e4e729d1ed5a890a223b38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc4395a8c1e4e729d1ed5a890a223b38_JaffaCakes118
Size

113KB
MD5

bc4395a8c1e4e729d1ed5a890a223b38
SHA1

d0df3443ff2d2d5860c29c6c2d53e0a8a8cf04be
SHA256

04ffc660cdb2a35657cb73a0f61c63d716eb63967b11c21afa460f4081d4ca56
SHA512

c991e0f6f5cf351af55d2c72639b98035f5f01fd45cc0fac4cb4c82fe5885ce567ec13c714911aded421f624775964e9da81f6d6bd3f48363eac51f9d1d0f5c1
SSDEEP

1536:mbW7ZIekm+M8UvBPU6M2oD3KT6tNDV62M42n1rNK0cqyKMMiU1aoauY:9ROUJPU6ULVLZ21xKfKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc4395a8c1e4e729d1ed5a890a223b38_JaffaCakes118

Files

bc4395a8c1e4e729d1ed5a890a223b38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

467139995489b0ff1e0bc009a5395b58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

CloseServiceHandle
CreateServiceA
InitializeSecurityDescriptor
OpenProcessToken
AdjustTokenPrivileges

ole32

ReleaseStgMedium
ReadClassStg
OleSaveToStream
OleFlushClipboard
CreateOleAdviseHolder
CreateDataAdviseHolder
CoRegisterClassObject
CoGetClassObject
CLSIDFromString

user32

SetMenuInfo
SetFocus
RegisterClassA
LoadIconA
DrawMenuBar
DrawCaption
CharToOemA
ActivateKeyboardLayout

shell32

SHGetMalloc
SHBindToParent
SHFileOperationA
SHGetFileInfoA

shlwapi

StrStrIA
PathIsDirectoryA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
PathUnquoteSpacesA
PathQuoteSpacesA
PathMatchSpecA
PathIsRootA
PathIsRelativeA

msvcrt

malloc
getenv
memset
realloc
strcmp
strlen
strstr
strtol
__dllonexit
free
fflush
_except_handler3
__set_app_type
memchr

kernel32

ExitThread
GetCommandLineA
OpenFileMappingA
lstrcpynA
ExitProcess

Exports

Exports

Bqe
Eni
Mxa
Nkh
Nzb
Plj
Qpa
Sju
Vyb
Won

Sections

.text
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

467139995489b0ff1e0bc009a5395b58

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 28KB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 23KB - Virtual size: 24KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 24KB - Virtual size: 28KB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 23KB - Virtual size: 24KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB