02a7e926c827c520122fcf6a4567314c_JaffaCakes118

General

Target

02a7e926c827c520122fcf6a4567314c_JaffaCakes118
Size

112KB
MD5

02a7e926c827c520122fcf6a4567314c
SHA1

3c30ff40ef14baaf3d7ea74cabafdd0ab4d6b162
SHA256

6b6f47abe5a8103adf1b12e5f3651ed24b632a64c5c94ce297a6f9ca0710f772
SHA512

bdcb94e511b12f5d987cb6c493c74a609c1582020b06545654a6c79a0fd72372d25a716cac4919108639cae484dbb3d39cb2dda39539c309a03f011bf5fed7ad
SSDEEP

3072:3XVn8iDW2JpOxR7eAN1NdO/9T2/Qx5lCAeD2EFnBSr1rvSgA//:3l8qW2J8yA/NdO/kox5lCd2EFnBSr1ry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
02a7e926c827c520122fcf6a4567314c_JaffaCakes118

Files

02a7e926c827c520122fcf6a4567314c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80b2021890495e7434cb7154b457efa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

uxtheme

GetThemeFont
GetCurrentThemeName
IsThemeActive
DrawThemeEdge
CloseThemeData
SetWindowTheme
GetThemeInt
GetThemeBool
GetThemeEnumValue
GetWindowTheme
GetThemeColor
GetThemeTextMetrics

kernel32

lstrcpynW
GetProcessHeap
QueryDosDeviceW
ReplaceFileA
CreateMutexW
SystemTimeToFileTime
FindNextFileA
GetBinaryTypeA
DeleteFileW
WriteConsoleW
WriteFile
CreateFileA
ReadFile
GetProcAddress
GetVersion
OpenJobObjectA
GetModuleHandleA
CopyFileA
GetDriveTypeW
CreateHardLinkA
GetLocaleInfoW
WaitForSingleObjectEx
lstrcatA
GetFileSize

wtsapi32

WTSVirtualChannelPurgeInput
WTSFreeMemory
WTSSendMessageA
WTSEnumerateSessionsA
WTSWaitSystemEvent
WTSVirtualChannelOpen
WTSTerminateProcess
WTSSetUserConfigA
WTSEnumerateProcessesA
WTSRegisterSessionNotification
WTSOpenServerA
WTSDisconnectSession
WTSVirtualChannelWrite
WTSUnRegisterSessionNotification
WTSQuerySessionInformationA

dhcpcsvc

DhcpEnumClasses
McastApiCleanup

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80b2021890495e7434cb7154b457efa2

Headers

File Characteristics

Imports

uxtheme

kernel32

wtsapi32

dhcpcsvc

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 144B

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 144B