f577f8e3cadf5ee66955c576a34b69c1_JaffaCakes118

General

Target

f577f8e3cadf5ee66955c576a34b69c1_JaffaCakes118
Size

23KB
MD5

f577f8e3cadf5ee66955c576a34b69c1
SHA1

71546fa8637514fe2fae8c0c41bd090a3d7e5ddf
SHA256

587ace49ce000d322fce4286949ac9d5a5182e4f7890b2b252dea1aef0948e05
SHA512

dbfe0b1ab99267869025df0559afed408ffcc2bd26e59408b8f8fbef4eca482ec78f2ffde61c89314d2775afd68449a0737401d4aef360bedb46db905ad43bfa
SSDEEP

384:PmHcSA+/HHK8U8+V/2yvnf/JqHHHWChn+rEzV2tVWOZRnp5WRTpe8HHHHHHHHHH+:O8SlfqT8+VNnf/In22+w4VpnpYTpVnne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f577f8e3cadf5ee66955c576a34b69c1_JaffaCakes118

Files

f577f8e3cadf5ee66955c576a34b69c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f9850c3d1255fcd8746e6f331b5a211

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DragDetect
ChangeDisplaySettingsW
GrayStringA
IsWindowEnabled
PrivateExtractIconExW
DrawEdge
GetCursorPos
GetWindow

advapi32

DecryptFileW
CryptHashData
LsaEnumeratePrivilegesOfAccount
EqualDomainSid
SystemFunction007
ConvertSecurityDescriptorToAccessNamedW
CryptGetDefaultProviderW
CryptSetHashParam
WmiMofEnumerateResourcesW

kernel32

CreateProcessInternalWSecure
GetConsoleAliasExesW
GetVolumeNameForVolumeMountPointW
SetVDMCurrentDirectories
ReleaseSemaphore
RaiseException
SetFilePointer
GetThreadLocale
MoveFileA
GetEnvironmentVariableW
SetCurrentDirectoryW
FindAtomA
CreateDirectoryA
SetConsoleIcon
MapUserPhysicalPagesScatter

gdi32

GdiInitSpool
SwapBuffers
GetGlyphIndicesW
GdiPlayDCScript
DescribePixelFormat
BRUSHOBJ_pvGetRbrush

ole32

IsAccelerator
CoRegisterChannelHook
CreateAntiMoniker
OleIsCurrentClipboard
CoCopyProxy
WdtpInterfacePointer_UserFree
OleRegEnumFormatEtc

msvcrt

_hypot
__unDName
_control87
fseek
_findnexti64
__p___winitenv
_mbsnbcoll
acos
_ismbchira
_adj_fdivr_m64

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f9850c3d1255fcd8746e6f331b5a211

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

ole32

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 4KB