f71d4d6864c51f508020ae23199edc09_JaffaCakes118

General

Target

f71d4d6864c51f508020ae23199edc09_JaffaCakes118
Size

38KB
MD5

f71d4d6864c51f508020ae23199edc09
SHA1

a243989c774dc8daf12c38dde04865ab1fe68736
SHA256

70c16904e1e54170c92d3e5b5e5d37091a7dd2a0cd5a1dbf30f25c97833a70cc
SHA512

c4d3176487b2ca8a626d296f2955b7d6e5ae96f94ed9dd5c9af9d7f3e2febf624991873f35133ddc8ac3efe6a3ac56af97750c5f0a545b75c5a15009f8db7e72
SSDEEP

768:tq8NdnDo0qD+5O1MbTQpKJN/gNCzjDM8XjefNJlSN6WfJCQr4QhYuHOPP+:48TDo0c+O70JN/S38TeVTSN6ydr4tuuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f71d4d6864c51f508020ae23199edc09_JaffaCakes118

Files

f71d4d6864c51f508020ae23199edc09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e05c12cbc87010536cf7e3ace112345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
GetStringTypeW
IsValidLocale
GetLastError
GetFileAttributesA
WriteConsoleA
ResumeThread
IsDebuggerPresent
HeapAlloc
InterlockedDecrement
FreeEnvironmentStringsA
DeviceIoControl
GetSystemDirectoryA
CreateFileMappingA
GetCurrentProcess
OpenProcess
SetPriorityClass

gdi32

BitBlt
CreateFontIndirectA
SetMapMode
GetBkColor
CreateCompatibleDC
MoveToEx
SetROP2
RestoreDC
Ellipse
StartPage
Polyline
SelectClipRgn

user32

DefDlgProcA
WindowFromPoint
IsZoomed
EnableWindow
SetWindowPos
SetForegroundWindow
LoadBitmapA
DefMDIChildProcA
RegisterClassExA
GetSubMenu
GetUserObjectSecurity

ole32

BindMoniker
OleCreateLinkFromDataEx
OleUninitialize
CoRegisterMessageFilter
OleCreateEx
OleQueryCreateFromData
OleCreateFromFileEx
CoTreatAsClass
CoAddRefServerProcess
CoUninitialize
OleQueryLinkFromData
CoGetObject

advapi32

OpenProcessToken
MapGenericMask
GetSidIdentifierAuthority
CreateProcessAsUserA
CloseServiceHandle
SetKernelObjectSecurity
RegCreateKeyA
OpenSCManagerA
RegSetValueExA
QueryServiceObjectSecurity
SetTokenInformation

msvcrt

qsort
strncmp
_ltow
_controlfp
wcsrchr
_adjust_fdiv
strcpy
atoi
wcscpy
time
bsearch
_strnicmp
strcspn

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e05c12cbc87010536cf7e3ace112345

Headers

File Characteristics

Imports

kernel32

gdi32

user32

ole32

advapi32

msvcrt

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 65KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 65KB

.rsrc
Size: 1KB - Virtual size: 1KB