8fedc08e1beed0dc591a88afca244dbd_JaffaCakes118

General

Target

8fedc08e1beed0dc591a88afca244dbd_JaffaCakes118
Size

895KB
MD5

8fedc08e1beed0dc591a88afca244dbd
SHA1

7e2023d500b04d947a360c5939860c90aef4ae2f
SHA256

627eb14ede19016226018d5135b21f0fa237a46ccc4dd87c040d82586160af67
SHA512

b3b9c801bc18331d24de2acd4acce4f91d810d872c072ed6a88b03adb41a77851db35325c6313a4e4bf4857e784985f7291711d2770bfaf3bf89b4b6a8b27189
SSDEEP

12288:UDiWMt9gtaCRrnCOLWcxkRYQMB4l4kmNHdlhnDbV:UDcYtamWOCa8mNd7nPV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fedc08e1beed0dc591a88afca244dbd_JaffaCakes118

Files

8fedc08e1beed0dc591a88afca244dbd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fb017752e4f0b80b4fb7c5f62c6693ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAllocEx
GetModuleHandleW
GetStartupInfoA
lstrlenW

user32

LoadIconA
EnableMenuItem
GetKeyState
GetMenu
LoadIconW

gdi32

CloseFigure
AbortDoc
CreateSolidBrush
DeleteDC
EndPage
EndPath

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyA
SetNamedSecurityInfoW
SetFileSecurityW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetNamedSecurityInfoW
DestroyPrivateObjectSecurity
CreatePrivateObjectSecurityEx

ole32

StringFromIID
StgOpenStorageEx
StgOpenStorage
PropVariantClear
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance

msvcrt

memset
memmove
memcpy
iswctype
fread
fprintf
fflush
fclose
_XcptFilter
__dllonexit
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_amsg_exit
_cexit
_controlfp
_errno
_exit
_initterm
_lock
_onexit
_purecall
_unlock
_wfopen
exit

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 697KB - Virtual size: 697KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.40
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb017752e4f0b80b4fb7c5f62c6693ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 104KB - Virtual size: 103KB

.data Size: 697KB - Virtual size: 697KB

.40 Size: 512B - Virtual size: 220B

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 104KB - Virtual size: 103KB

.data
Size: 697KB - Virtual size: 697KB

.40
Size: 512B - Virtual size: 220B

.rsrc
Size: 92KB - Virtual size: 92KB