00283b9bfd450f6c19734c2699ade010_JaffaCakes118

General

Target

00283b9bfd450f6c19734c2699ade010_JaffaCakes118
Size

42KB
MD5

00283b9bfd450f6c19734c2699ade010
SHA1

2110ab1b7bf21b5e54cd5d631b7bf94004f32f62
SHA256

5a647540a58ce4489adb78699a1707925e9a264ccc8675c05786cf3f84b838a6
SHA512

a0041480fcad3ac8de61ae6ea013256f00fe5df3231ce949c7b80a98ead542f2fdb0350242eda0892dce6547924326f6f2104d7ee15d6d4cf8c8e9fcd3955122
SSDEEP

768:BF/QqCSZlVGRvMS2dR5WFK8aO6J0sPrQCdf2Ean3UYMdd8+gmX+hl:D/QS/URvMP5yK1OyRQ3Ue+xOhl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00283b9bfd450f6c19734c2699ade010_JaffaCakes118

Files

00283b9bfd450f6c19734c2699ade010_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bf5e581209f4ac895dc5bcb5095dad8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceW
CreateMutexW
CreateSocketHandle
CreateWaitableTimerW
DebugActiveProcess
DefineDosDeviceA
ExitProcess
GetCommProperties
GetCommandLineW
GetPrivateProfileSectionNamesA
GetTapeStatus
GetVolumeInformationA
GlobalFindAtomW
HeapValidate
LoadLibraryA
ReadFileEx
ScrollConsoleScreenBufferA
SetFilePointer
Thread32First
UTUnRegister
VerLanguageNameW
VirtualAllocEx
WriteConsoleOutputA

advapi32

AddAuditAccessAce
BuildSecurityDescriptorA
CancelOverlappedAccess
ClearEventLogW
CloseEventLog
CopySid
CryptGetHashParam
CryptGetProvParam
CryptImportKey
CryptVerifySignatureW
EnumServicesStatusW
GetNamedSecurityInfoA
GetNamedSecurityInfoW
GetOldestEventLogRecord
GetSidIdentifierAuthority
GetTrusteeNameW
ImpersonateLoggedOnUser
IsValidAcl
LogonUserW
LookupPrivilegeDisplayNameW
ObjectOpenAuditAlarmW
PrivilegeCheck
QueryServiceConfigA
RegDeleteValueW
RegOpenKeyExA
RegUnLoadKeyA
SetFileSecurityA
SetKernelObjectSecurity
SetServiceBits
SetTokenInformation

user32

AnyPopup
CallWindowProcA
CreateIconFromResourceEx
DdeCreateStringHandleA
DdeQueryStringA
DefDlgProcA
EndMenu
GetClassNameA
GetClassWord
GetIconInfo
GetKeyboardLayoutNameA
GetListBoxInfo
GetMenuItemInfoA
GetMessageA
GetUserObjectInformationW
GetWindowTextW
LoadBitmapA
OffsetRect
RemovePropA
SetKeyboardState
SetMessageExtraInfo
SetUserObjectInformationW
ShowScrollBar
TranslateAccelerator
ValidateRect
WaitMessage

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bf5e581209f4ac895dc5bcb5095dad8

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 40KB - Virtual size: 44KB

.idata Size: - Virtual size: 12KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 40KB - Virtual size: 44KB

.idata
Size: - Virtual size: 12KB

.rsrc
Size: - Virtual size: 4KB