24694fdfdf16084f4e39a683455ddac0_JaffaCakes118

General

Target

24694fdfdf16084f4e39a683455ddac0_JaffaCakes118
Size

420KB
MD5

24694fdfdf16084f4e39a683455ddac0
SHA1

a23dce4b948395f8d448006adc3ab71a9dd6abb5
SHA256

a160c05756d81a76a8298b90160999711caa853d5d17771c6bef0d52c38910ff
SHA512

c25983e652d55c9160e6de86e9b3b3736f8fc175d800da5401ec7e51dbd243f4af1d943ae879a9525008323ea1b1310a2cf08e3e690952e2158a34b5086d9db1
SSDEEP

6144:Na/SLBjqbdiT+3mHFfutZTP0P3gXkHclSTu8yfYsbHmze84C3SU8rp0xe:QSL8bugT0PwEhiGK8B3Op0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24694fdfdf16084f4e39a683455ddac0_JaffaCakes118

Files

24694fdfdf16084f4e39a683455ddac0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69a7fc5816e3c1142a66119c221006c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcrt

fputwc
strcmp
isxdigit
free
strstr
sin
strlen
exp
tan
malloc

advapi32

RegCreateKeyW
RegisterEventSourceA
RegQueryValueExW
ReportEventW
DeregisterEventSource
ElfReportEventW
RegEnumValueW
RegQueryValueW
RegQueryInfoKeyW

kernel32

GetProcessHeap
GetTempPathW
HeapFree
InvalidateConsoleDIBits
PurgeComm
HeapAlloc
GetWindowsDirectoryW
FindNextChangeNotification
GetUserDefaultLCID
GetModuleFileNameW
VirtualAlloc
GetSystemDirectoryW
GetDiskFreeSpaceExW

user32

PrintWindow
GetMessageA
GetAltTabInfo
GetWindowContextHelpId
TranslateMessageEx
NotifyWinEvent
IMPQueryIMEA
LoadMenuA
GetForegroundWindow
CreateAcceleratorTableW
ResolveDesktopForWOW
SendIMEMessageExA
CharLowerW
InvertRect

es

ServiceMain
DllCanUnloadNow
LCEControlServer

msrd2x40

DllRegisterServer

mfc42

DllUnregisterServer
?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllRegisterServer

loghours

ReplicationScheduleDialogEx
DirSyncScheduleDialog
DialinHoursDialogEx
DirSyncScheduleDialogEx

Sections

.text
Size: 412KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69a7fc5816e3c1142a66119c221006c4

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

es

msrd2x40

mfc42

loghours

Sections

.text Size: 412KB - Virtual size: 416KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 412KB - Virtual size: 416KB

.rsrc
Size: 7KB - Virtual size: 6KB