e7cf9c20f640cf72848281eb90595152_JaffaCakes118

General

Target

e7cf9c20f640cf72848281eb90595152_JaffaCakes118
Size

36KB
MD5

e7cf9c20f640cf72848281eb90595152
SHA1

bbc300d451560996325632b9df7dce0a1da6333c
SHA256

c79d6d3c4403546d21a20f701b05b0c502ac961881d8c7abe8f4097d5d81095d
SHA512

9a8f042e52c26f67cb86d6918a0a9278b94d5bad9c2c85b5c855d65fb8e2ffddc79a706c33736b12314fb9e8a4dcada30030dfe746adea6374ebfe69778a1158
SSDEEP

768:8RdrcBJAh6vjwkbuo1L6+oFX8qYE32U0+lSawpadndortNbVSU:SdiM6Mk6ULFnE/bNdoh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7cf9c20f640cf72848281eb90595152_JaffaCakes118

Files

e7cf9c20f640cf72848281eb90595152_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bb4bd4f1d20065e52a868fd0f96efcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleRegEnumVerbs
OleCreateLinkFromDataEx
CoGetMalloc
CoGetMarshalSizeMax
CoGetObjectContext
OleSetMenuDescriptor
CoTaskMemFree
OleInitialize
OleLockRunning
CoLoadLibrary
OleCreateEx

user32

SystemParametersInfoA
DestroyWindow
DrawEdge
RegisterClassExA
ScreenToClient
GetWindowRect
GetDoubleClickTime
UnionRect
DeleteMenu
DialogBoxIndirectParamA
DefMDIChildProcA

msvcrt

atoi
_wfullpath
_onexit
_wcsicmp
wcsstr
_except_handler3
time
wcsrchr
tolower
_strcmpi
_splitpath

advapi32

EqualSid
GetSidIdentifierAuthority
StartServiceA
GetSidSubAuthorityCount
IsValidSecurityDescriptor
QueryServiceObjectSecurity
SetKernelObjectSecurity
RegQueryValueExA
AddAce
CreateProcessAsUserA
RegDeleteKeyA

kernel32

LoadResource
HeapFree
GetProcessHeap
VirtualFree
WriteConsoleA
TlsSetValue
WideCharToMultiByte
ReadProcessMemory
GetVersion
GlobalUnlock
TerminateThread
ResumeThread
GetCurrentThread
WaitForMultipleObjects
GetUserDefaultLCID
FindFirstFileA
GetStringTypeA
InterlockedIncrement
lstrcmpiA
GetACP

gdi32

SetBkMode
StartDocA
RestoreDC
CreatePen
SetROP2
SelectObject
GetDeviceCaps

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bb4bd4f1d20065e52a868fd0f96efcb

Headers

File Characteristics

Imports

ole32

user32

msvcrt

advapi32

kernel32

gdi32

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 3KB - Virtual size: 67KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 3KB - Virtual size: 67KB

.rsrc
Size: 1024B - Virtual size: 984B