bfb9db07d5272dd5ec4c95d9d5a49ef4_JaffaCakes118

General

Target

bfb9db07d5272dd5ec4c95d9d5a49ef4_JaffaCakes118
Size

2.3MB
MD5

bfb9db07d5272dd5ec4c95d9d5a49ef4
SHA1

0173bdf23b637022198b90b42abfe905581dc851
SHA256

142ad801c33e9ef280f04be239af5392df5686992fbb838a7fa69a67746b1172
SHA512

320a5064e798fe6d44a0592b89009b96c3e59cfe93b7f3b230f5e29de3b684ebd86d32548c005ad0e5c2edc3bfaccc044ba584c928bd825c91caafe35ca386f0
SSDEEP

49152:0vFyY8X4UOGYXMouvZMvlWvUZa528K4MZo:0MYO4UOGi3uvZMdWs0U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfb9db07d5272dd5ec4c95d9d5a49ef4_JaffaCakes118

Files

bfb9db07d5272dd5ec4c95d9d5a49ef4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b819e25e9b22c77d0821a128f3742ccd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualAlloc
PeekConsoleInputA
GetThreadIOPendingFlag
SetDllDirectoryA
CancelWaitableTimer
QueryInformationJobObject
MoveFileWithProgressA
GetProcessHeap
GetProcessVersion
GetExitCodeThread
ReleaseSemaphore
OpenWaitableTimerA
GetConsoleCursorMode

user32

SendMessageCallbackA
MessageBoxTimeoutA
GetParent
PostThreadMessageW
CharPrevA
InvalidateRect
UnhookWindowsHookEx
DrawCaption
PostMessageW
RegisterLogonProcess
DrawTextExW
GetWindowTextLengthW
ScrollDC

Exports

Exports

CreateXeuqbwd
Mbuxhwfcd
GetTrhnhbjnq
Jgfljuikcmf
Tgdifwk
Juwmqcwfsbn
OpenDmevgro
Ulvoohwf
WriteJaooaadsrfp
Wfxaiaprrjg
IsUfdwggvcnbc
CreateTedbgpbps
Kcccoexiws
Ubfodtbume
Koweplga
Iexmktcxuu
Kpqhywwhvk
Meybouqfkve
AddTvrsjnw
OpenOemlvrssfpe

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 17.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b819e25e9b22c77d0821a128f3742ccd

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 512B - Virtual size: 17.9MB

.data Size: 1024B - Virtual size: 724B

.edata Size: 512B - Virtual size: 504B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 515KB - Virtual size: 515KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 512B - Virtual size: 17.9MB

.data
Size: 1024B - Virtual size: 724B

.edata
Size: 512B - Virtual size: 504B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 515KB - Virtual size: 515KB