bd2c7b15536cb7c113dd31d805475399_JaffaCakes118

General

Target

bd2c7b15536cb7c113dd31d805475399_JaffaCakes118
Size

139KB
MD5

bd2c7b15536cb7c113dd31d805475399
SHA1

a06d19eae0ae13d190307faafff7650e5a6348f1
SHA256

f3b00e2cbc4f20bf239e19dcd5cb5777419322e304766115eeec88e9aa2a005a
SHA512

408d28c47836af325c71f5f3b6cddc082e5d8fae3a1aa615b5957a2e85342b07e82885cac51029629598320a1a3e3da69c9b321b94dbea6ee2d904d55d53c9d5
SSDEEP

3072:/1iDnxlnTnmGjKBQyB1gMDqR16lI8zzWhRbnjWyii5lvccNPjO2:/1iDxlnTmFBCyqRclItbjWNi5ldE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd2c7b15536cb7c113dd31d805475399_JaffaCakes118

Files

bd2c7b15536cb7c113dd31d805475399_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3685b8ab1b929aca332fd03c27497157

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
FindFirstVolumeMountPointA
GetCurrentProcessId
HeapReAlloc
GetLogicalDriveStringsA
GetFileAttributesExA
GetNamedPipeHandleStateA
WaitNamedPipeA
SetConsolePalette
GetConsoleInputExeNameA
GetConsoleMode
OpenThread
VirtualFree
VirtualAlloc
GetProcessHandleCount
GetLocaleInfoA
WritePrivateProfileStructA
SetThreadPriorityBoost
RequestWakeupLatency
GetConsoleCursorMode
CreateWaitableTimerA
WriteConsoleInputA
GetFullPathNameA
FlushFileBuffers
Heap32ListFirst
GetVersion
GetStartupInfoA
OpenMutexA
GetCommModemStatus
DisconnectNamedPipe
SetHandleInformation
PulseEvent
GetCommandLineW
WritePrivateProfileStringA
EnumUILanguagesA
GetCurrentProcessId
SetEvent
VirtualLock
GetSystemDirectoryA
IsValidCodePage
FindFirstChangeNotificationA
DeleteFileA
GetProcessHeaps
ReadFile
SetThreadLocale
Heap32First
ReadConsoleOutputCharacterA
GetProcessShutdownParameters
OpenProcess
GetThreadSelectorEntry
CancelWaitableTimer
WriteConsoleOutputAttribute
GetCPInfoExA
WaitForSingleObject
MapUserPhysicalPages
FindFirstFileExW
GetCommModemStatus
GetFileType
WriteConsoleA
SetCommState
GetCurrentConsoleFont
GetModuleFileNameA
LocalAlloc
SetProcessPriorityBoost
SetConsoleTitleA
OutputDebugStringA
GetLastError
GetQueuedCompletionStatus
ReadConsoleOutputAttribute

Exports

Exports

AddRmavcvq
GetDptvdhh
Gjsefryoje
InitBmjkpif
GetQmernvhoget
Vgqoynenp
Usoxriu
GetGvbmgvxvsao
BeginSxgoedby
Qqfadxfph
SetJnbevlbf
Eoxexey
Kuxmernbat
Jurcpnydqt
Ocrchsdyju
Xacprcee
Xahayjqwgry
CloseMkomlhmwfwc
CloseEsvuvjveds
Kbudpvv

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3685b8ab1b929aca332fd03c27497157

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 81KB

.idata Size: 2KB - Virtual size: 146KB

.rsrc Size: 54KB - Virtual size: 54KB

.text
Size: 81KB - Virtual size: 81KB

.idata
Size: 2KB - Virtual size: 146KB

.rsrc
Size: 54KB - Virtual size: 54KB