0b241808e28a9547c2abc4a9da26e2f2_JaffaCakes118

General

Target

0b241808e28a9547c2abc4a9da26e2f2_JaffaCakes118
Size

155KB
MD5

0b241808e28a9547c2abc4a9da26e2f2
SHA1

ece0b0aa7acc2b411f4ec37debdbb9afc9e9f3dc
SHA256

448bae6c2b95d248cd85097845071cb16edb03af083bd3cef52a8af163e2f302
SHA512

49f535750d40738eea604bbb461d7ae988f8f7e2b75054281325d5a78b86b7c052701b749b56ce24c1f6377623abc3b69014afd2c84bf4ba5481bd350f345630
SSDEEP

3072:Xy0rhiTpp8EPkGiMVT7XmsTmpX//j3RMVWssHlkLufyD8R8iJJJJ:C/pOEPtvCFD3RMfWkLGy8fJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b241808e28a9547c2abc4a9da26e2f2_JaffaCakes118

Files

0b241808e28a9547c2abc4a9da26e2f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c7bccd1efcec9923ca6df6f021ac631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW

gdi32

SelectObject
GetTextMetricsW
CreateFontIndirectW
GetOutlineTextMetricsW
DeleteObject
AddFontResourceExW

kernel32

LockResource
GetACP
FillConsoleOutputAttribute
FindClose
GlobalAlloc
GetProcessPriorityBoost
lstrcpyA
WideCharToMultiByte
GlobalFree
CreateFileMappingW
MultiByteToWideChar
EnumResourceNamesW
InitializeCriticalSection
lstrcmpiW
OutputDebugStringW
GetLastError
FreeEnvironmentStringsW
GetCPInfo
GetTickCount
lstrcpyW
lstrlenW
GetModuleHandleW

user32

KillTimer
TranslateMessage
wsprintfW
SetTimer
CharUpperW
GetDC
GetWindowLongA
CharNextW
PostThreadMessageW
DispatchMessageW
GetMessageW
UnregisterClassA

shell32

SHGetFileInfoW

ole32

CoRevokeClassObject
StringFromGUID2
CoTaskMemRealloc
CoInitialize
CoRegisterClassObject
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c7bccd1efcec9923ca6df6f021ac631

Headers

File Characteristics

Imports

psapi

advapi32

gdi32

kernel32

user32

shell32

ole32

oleacc

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 55KB - Virtual size: 55KB

.isete Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 55KB - Virtual size: 55KB

.isete
Size: 1024B - Virtual size: 104KB