0713155e0cb1f73090c39ca1273a4250_JaffaCakes118

General

Target

0713155e0cb1f73090c39ca1273a4250_JaffaCakes118
Size

23KB
MD5

0713155e0cb1f73090c39ca1273a4250
SHA1

fb0c13790e1438c93a632b9af0ecf5187eb63aff
SHA256

d4cb0ea29a2ed52c8c01ed016fe7daf789e329413f66ed8e3d32fa060f2b1892
SHA512

879991fc92ec721ea5e6a1f18214a8013d561fc2e22608587205cc61a4a0e5ee2a576edc0424fcd326ae0944d1079ddd3d74eccbd23fdad9caf38504f5c6d3c4
SSDEEP

384:gAr74ROUwrnO5hML5FaNlsfY58rkrzx3aptaevbZlECx:tr7DrnEIDaXhxGt98O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0713155e0cb1f73090c39ca1273a4250_JaffaCakes118

Files

0713155e0cb1f73090c39ca1273a4250_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3dddf198af703251e51ba9e0c84190f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateEllipticRgn
GetBitmapBits
PolyDraw
gdiPlaySpoolStream
EndPath
EngStrokePath

advapi32

TraceEventInstance
RegOpenKeyExA
SystemFunction040
WmiExecuteMethodW
BuildTrusteeWithObjectsAndNameW
StartServiceA
TrusteeAccessToObjectW
SetFileSecurityA
SystemFunction009

msvcrt

fwprintf
_mbsicoll
_close
_wstat
__lconv_init
_loaddll
_fgetchar
_adj_fdiv_m32i
_fcloseall
_wsplitpath

ole32

HBRUSH_UserSize
HBRUSH_UserSize
CoMarshalInterThreadInterfaceInStream
StgConvertVariantToProperty
OleCreateLink
CoInitialize
UtConvertDvtd16toDvtd32

kernel32

GetSystemTimeAdjustment
GetDiskFreeSpaceExA
GetConsoleNlsMode
GetPrivateProfileSectionNamesW
GetPrivateProfileStructA
FatalAppExitA
ReadConsoleInputExW
CopyFileW
RegisterConsoleOS2
SetVolumeLabelW
SetFileTime
GetPrivateProfileSectionNamesW
GetCommState
SetConsoleHardwareState
GetFileSize

user32

GetMenuItemInfoW
DlgDirListA
SetShellWindow
EnumDesktopWindows
CharLowerW
GetMouseMovePointsEx
ChangeDisplaySettingsA
RealChildWindowFromPoint

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dddf198af703251e51ba9e0c84190f1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

msvcrt

ole32

kernel32

user32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB