465c7fb95c45008ddc6b940624745430_JaffaCakes118

General

Target

465c7fb95c45008ddc6b940624745430_JaffaCakes118
Size

120KB
MD5

465c7fb95c45008ddc6b940624745430
SHA1

c5cb7ac12964118a02bf42081948f7b337596caf
SHA256

21355753a277813cf58a348e389fa4feebca3f819ba7c78a8ab679a4f63d1953
SHA512

47da7a30600b53ec7f769280e62b108d5b36bc8d8fa3323ebac17456707cd141b031ae97ff66cf74637da9ff1683b7b14d0f2b7a978cece6d82f8e85f90b688f
SSDEEP

1536:iE+/4PkghqS5MVkW31G8KaEaoiXzCll4xArk/HvqbzFerKdNhaaXXr:iE+/4sxVz3EaoiDQ4CtFN/hXr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
465c7fb95c45008ddc6b940624745430_JaffaCakes118

Files

465c7fb95c45008ddc6b940624745430_JaffaCakes118
.exe windows:6 windows x86 arch:x86

1f8e701d77c65891de640f35950cec2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ynmNa1OjKdUie.pdb

Imports

kernel32

CreateMutexExA
SetProcessWorkingSetSizeEx
Heap32Next
SetCurrentConsoleFontEx
GetLocalTime
SetTapePosition
GetCurrentProcess
GetProcessId
GetCommandLineW
CloseHandle
TryEnterCriticalSection
UnlockFile
GetStringTypeExA
GetUserGeoID
GetThreadLocale
SetNamedPipeHandleState

winscard

SCardFreeMemory

user32

GetWindowInfo
GetWindowDC
GetCursor
GetThreadDesktop
MenuItemFromPoint
DdeSetQualityOfService
PrintWindow
UserHandleGrantAccess

shlwapi

StrStrNIW

crypt32

CryptRegisterOIDFunction
CryptMsgOpenToEncode

advapi32

CryptGenKey

oleaut32

LPSAFEARRAY_UserSize
SafeArrayDestroyData

setupapi

SetupScanFileQueueW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 84KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f8e701d77c65891de640f35950cec2e

Headers

File Characteristics

PDB Paths

Imports

kernel32

winscard

user32

shlwapi

crypt32

advapi32

oleaut32

setupapi

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 1KB

.CRT Size: 84KB - Virtual size: 87KB

.data Size: 12KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 380B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 1KB

.CRT
Size: 84KB - Virtual size: 87KB

.data
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 380B