c0a90ee29f1cc4689d94db628e87a0c8_JaffaCakes118

General

Target

c0a90ee29f1cc4689d94db628e87a0c8_JaffaCakes118
Size

96KB
MD5

c0a90ee29f1cc4689d94db628e87a0c8
SHA1

c390412e1be4ae8d111a70dc038e32c35aba7967
SHA256

4bff537e3246ca93c82dd22f9f4526cecddbb5f97afd62128cbe15af40554744
SHA512

500c8ae24f7939a422eacb8981d5787544c323d2955ca51a6607076521498badf873277625a6b0ccfcec51f3a481e8672a4449e797cafde6ce7235df439d8288
SSDEEP

1536:nhc7zscICJOaVFlt2vHw2DhqN93xMxq0xEGz0NKwBg:nhA4cIFaVFl2wbxMxlEGeKwB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0a90ee29f1cc4689d94db628e87a0c8_JaffaCakes118

Files

c0a90ee29f1cc4689d94db628e87a0c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a88b4c30bf4939da458f75ced07b94cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
LeaveCriticalSection
EnterCriticalSection
WriteFile
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetVolumeInformationA
GetProcAddress
FreeLibrary
LoadLibraryA
DeleteFileA
ReleaseMutex
WideCharToMultiByte
WaitNamedPipeA
GetLastError
CreateMutexA
GetSystemDirectoryA
GetTempPathA
InitializeCriticalSection
DeleteCriticalSection
SuspendThread
WinExec
ResumeThread
MoveFileExA
CreateThread
GetStartupInfoA
GetModuleHandleA
lstrlenA
Sleep
MultiByteToWideChar
WaitForSingleObject
GetPrivateProfileStringA

user32

CharLowerA
SystemParametersInfoA
CharUpperA
ShowWindow
SendMessageA
SetCursorPos
ClientToScreen
FindWindowExA
RegisterWindowMessageA
SendMessageTimeoutA
FindWindowA
GetWindowThreadProcessId
mouse_event
SetForegroundWindow

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
VariantClear

msvcrt

strncpy
_stricmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
localtime
strncmp
strstr
free
sprintf
atoi
malloc
__CxxFrameHandler
rand
wcscmp
_strlwr
srand
time

netapi32

Netbios

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a88b4c30bf4939da458f75ced07b94cd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

netapi32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 5KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 5KB