821aa0af9b1e448cb190cdb1f525f4b5_JaffaCakes118

General

Target

821aa0af9b1e448cb190cdb1f525f4b5_JaffaCakes118
Size

420KB
MD5

821aa0af9b1e448cb190cdb1f525f4b5
SHA1

19e2bf22c027bd993aa8a2c9ccfce07597c18f8b
SHA256

6b959a28b0588409d90e02999113bd442cae3298bad61947d19ccd0787e97736
SHA512

338ca5394ed0eae199294a65a908ebb6d42835d2a1ddd9b3ebf44e1085ea9dce1aa956c00dee1244b510fa813317994fd421f159c354f1c0e9b3ae9a8bb9fb39
SSDEEP

6144:Na/SLBjqbdiT+3mHFfutZTP0P3gXkHclSTu8yfYsbHmze84C3SU8rp0xH:QSL8bugT0PwEhiGK8B3Op0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
821aa0af9b1e448cb190cdb1f525f4b5_JaffaCakes118

Files

821aa0af9b1e448cb190cdb1f525f4b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69a7fc5816e3c1142a66119c221006c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcrt

fputwc
strcmp
isxdigit
free
strstr
sin
strlen
exp
tan
malloc

advapi32

RegCreateKeyW
RegisterEventSourceA
RegQueryValueExW
ReportEventW
DeregisterEventSource
ElfReportEventW
RegEnumValueW
RegQueryValueW
RegQueryInfoKeyW

kernel32

GetProcessHeap
GetTempPathW
HeapFree
InvalidateConsoleDIBits
PurgeComm
HeapAlloc
GetWindowsDirectoryW
FindNextChangeNotification
GetUserDefaultLCID
GetModuleFileNameW
VirtualAlloc
GetSystemDirectoryW
GetDiskFreeSpaceExW

user32

PrintWindow
GetMessageA
GetAltTabInfo
GetWindowContextHelpId
TranslateMessageEx
NotifyWinEvent
IMPQueryIMEA
LoadMenuA
GetForegroundWindow
CreateAcceleratorTableW
ResolveDesktopForWOW
SendIMEMessageExA
CharLowerW
InvertRect

es

ServiceMain
DllCanUnloadNow
LCEControlServer

msrd2x40

DllRegisterServer

mfc42

DllUnregisterServer
?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllRegisterServer

loghours

ReplicationScheduleDialogEx
DirSyncScheduleDialog
DialinHoursDialogEx
DirSyncScheduleDialogEx

Sections

.text
Size: 412KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69a7fc5816e3c1142a66119c221006c4

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

es

msrd2x40

mfc42

loghours

Sections

.text Size: 412KB - Virtual size: 416KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 412KB - Virtual size: 416KB

.rsrc
Size: 7KB - Virtual size: 6KB