63cca393ab309282e416f7a1dcb97dd6_JaffaCakes118

General

Target

63cca393ab309282e416f7a1dcb97dd6_JaffaCakes118
Size

172KB
MD5

63cca393ab309282e416f7a1dcb97dd6
SHA1

adf92dfee2d96be5186c5e3c4f449a00970a8998
SHA256

0191b05e5ce7e3b5fe92a3326ca74493be9fd9d8e31bdaefa68cbc5c9b6f62e7
SHA512

9dae69df205094ef5c11b560db204385db139d4b880b4ef28872bcf7b8248b6bd8e1af62ef62092a9986d9a67132e8b9c2ddc9b8aafe146173ea6a1e51202497
SSDEEP

3072:dwa+jvXl2YCdruDD9jiWC4dzopFFICWY86bIWLu4Nrme/1Z7:jYl7WrOiWa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
63cca393ab309282e416f7a1dcb97dd6_JaffaCakes118

Files

63cca393ab309282e416f7a1dcb97dd6_JaffaCakes118
.exe windows:6 windows x86 arch:x86

4de269ae019287033a9b1f71217d4976

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeleteAce
CreateWellKnownSid
ImpersonateSelf
DeleteService

ws2_32

shutdown

user32

GetMenuDefaultItem
LogicalToPhysicalPoint
FrameRect
BroadcastSystemMessageA
GetLastActivePopup
GetWindow

kernel32

GetTickCount64
GetSystemDefaultUILanguage
CreateSemaphoreW
GetCommandLineW
GetFileMUIPath
SetThreadStackGuarantee
GetConsoleWindow
GetTimeZoneInformation
GetThreadPriority

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 4KB - Virtual size: 241B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 267B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4de269ae019287033a9b1f71217d4976

Headers

File Characteristics

Imports

advapi32

ws2_32

user32

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

DATA Size: 104KB - Virtual size: 100KB

.code Size: 4KB - Virtual size: 241B

.crt Size: 4KB - Virtual size: 267B

.rsrc Size: 32KB - Virtual size: 30KB

.reloc Size: 4KB - Virtual size: 872B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

DATA
Size: 104KB - Virtual size: 100KB

.code
Size: 4KB - Virtual size: 241B

.crt
Size: 4KB - Virtual size: 267B

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 4KB - Virtual size: 872B