0312d014181a1886d050c4571ffa9e00_JaffaCakes118

General

Target

0312d014181a1886d050c4571ffa9e00_JaffaCakes118
Size

38KB
MD5

0312d014181a1886d050c4571ffa9e00
SHA1

16e5e84567c688fb74e4cee9b272a528c04847f9
SHA256

d721c1f21f5b159dbd9612df11d72623a3c5d718d7c79b54607d708f1e980cb2
SHA512

0a750952a23be2e10d23b0ecaf24a852dc456667b3fd12e1c4ded7fec85c16ac621ed7be61f0d580c40bca9aae5c2473fa1bd54e6ee65f9a8a7e164e06a61fd6
SSDEEP

768:d1AIk4YkSkFBmGdng5QTQM1D8585NfwSjl1XCVGXqwLBw:d1YNAd+QTPp1NYQXnVw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0312d014181a1886d050c4571ffa9e00_JaffaCakes118

Files

0312d014181a1886d050c4571ffa9e00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7317821472afbd365ca4d8e56ae5d8da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowPlacement
GetSystemMetrics
FillRect
MapWindowPoints
LoadStringA
GetPropA
GetWindowRect
LoadAcceleratorsA
SetUserObjectSecurity
IsDialogMessageA
LoadImageA
InvalidateRect

msvcrt

_wfopen
_except_handler3
wcslen
wcscmp
_adjust_fdiv
fseek
_onexit
_fullpath
_itoa
strncat
exit
strtoul

ole32

OleSave
CoDosDateTimeToFileTime
OleQueryLinkFromData
CoTaskMemRealloc
CoRegisterClassObject
OleLoadFromStream
CoTreatAsClass
CoReleaseMarshalData
OleCreateFromFileEx
OleRun
OleRegGetUserType
CoDisconnectObject

gdi32

SetTextColor
GetStockObject
LineTo
SetROP2
CreatePen
SelectClipRgn
GetObjectA
CreateRectRgn
GetTextMetricsA
BitBlt
DeleteDC

advapi32

GetLengthSid
CreateProcessAsUserA
RegDeleteValueA
LookupPrivilegeValueA
GetSidSubAuthority
GetSidSubAuthorityCount
AllocateAndInitializeSid
RegOpenKeyExA
AddAccessAllowedAce
LookupPrivilegeValueW
LookupAccountSidA
GetAce

kernel32

FileTimeToLocalFileTime
SetHandleCount
SetUnhandledExceptionFilter
InterlockedIncrement
GlobalAlloc
WaitForMultipleObjects
GetVersionExA
CreateEventA
lstrcpyA
GetFileAttributesA
WriteConsoleW
OutputDebugStringA
GetCPInfo

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7317821472afbd365ca4d8e56ae5d8da

Headers

File Characteristics

Imports

user32

msvcrt

ole32

gdi32

advapi32

kernel32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 1024B - Virtual size: 976B

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 1024B - Virtual size: 976B