cf37105d6aa71e5cd2cab86f4e227a16_JaffaCakes118

General

Target

cf37105d6aa71e5cd2cab86f4e227a16_JaffaCakes118
Size

68KB
MD5

cf37105d6aa71e5cd2cab86f4e227a16
SHA1

e3b9457ee74227a40f5ce80bb85eb6f6e22f94a4
SHA256

10f8cbbe3882e54d942fbbdf7303e04f5b1b7a2c02f36e71d6e1cd8c5d6ba02b
SHA512

a892ad14a62518b2d9470591b2d9adc5a4fe46f199458d84fa296b6cdce926a35026ebeb08442800cf6044d4b3d5b08ad5dacd3a1d40279ce35e131600c9061d
SSDEEP

768:XBdCWIkusBkg4wp5NRFE8Rdid3PAHjVrrAR4:fCDj4kg4wpfRmkiChrrAR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf37105d6aa71e5cd2cab86f4e227a16_JaffaCakes118

Files

cf37105d6aa71e5cd2cab86f4e227a16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b231a417b618233415fbafdff7aa6b5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameW
EnumProcessModules
EnumProcesses

kernel32

SetFileAttributesW
SetFileTime
CloseHandle
CreateThread
SystemTimeToFileTime
CreateFileW
CopyFileW
FindClose
GetModuleFileNameW
GetSystemDirectoryW
GetLastError
Sleep
OpenProcess
CreateRemoteThread
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetCurrentProcessId
WriteProcessMemory
VirtualAllocEx
OutputDebugStringW
GetExitCodeThread
FindFirstFileW
GetFileAttributesA
RtlUnwind
HeapFree
WriteConsoleA
CreateFileA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
SetFilePointer
SetStdHandle
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeW
GetACP
WriteFile
HeapAlloc
VirtualAlloc
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LCMapStringA
LCMapStringW
GetCPInfo
LoadLibraryA
GetOEMCP
FlushFileBuffers
HeapReAlloc
SetEnvironmentVariableA
CompareStringA
CompareStringW
GetStringTypeA

user32

mouse_event
SetCursorPos
GetForegroundWindow
GetWindowRect
GetCursorPos
GetWindowTextW
GetWindowPlacement

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

Sections

pec1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b231a417b618233415fbafdff7aa6b5c

Headers

File Characteristics

Imports

psapi

kernel32

user32

advapi32

Sections

pec1 Size: 32KB - Virtual size: 32KB

pec2 Size: 28KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 4KB

pec1
Size: 32KB - Virtual size: 32KB

pec2
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 4KB