0708e2443e0a06bd4a21dc04591e556d_JaffaCakes118

General

Target

0708e2443e0a06bd4a21dc04591e556d_JaffaCakes118
Size

167KB
MD5

0708e2443e0a06bd4a21dc04591e556d
SHA1

e573bf0813892e720bf6683e6e14620187f519d8
SHA256

f1dafd2990c7355f9fe1bafa4e6fa4e4645c62aaa0fc8345f8fded7a63f9b24a
SHA512

2dbcf432e0b82330b55b16ae74729be92948e474e5642251b81e7b2cc7a373d9529f8e0dba324eaaaa0e6f5c7c5fa8de6564e10dca17311148852f30d7680a6c
SSDEEP

3072:rYWGyprTXFO57CAzp8RCEjPiy3/v8b9yOmeBu6WgIOzNBtJ35OBI:6yJTXFe7C+wvP0bw5eU6WgIKNB75OBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0708e2443e0a06bd4a21dc04591e556d_JaffaCakes118

Files

0708e2443e0a06bd4a21dc04591e556d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb853b7cdaf8385eb1ceeccef9e3d668

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetFileInfoW

gdi32

GetOutlineTextMetricsW
GetTextMetricsW
CreateFontIndirectW
DeleteObject
SelectObject
AddFontResourceExW

psapi

GetProcessMemoryInfo

user32

CharUpperW
TranslateMessage
DispatchMessageW
KillTimer
PostThreadMessageW
wsprintfW
CharNextW
SetTimer
GetMessageW
GetDC
GetWindowLongA
UnregisterClassA

kernel32

GetCPInfo
FillConsoleOutputAttribute
GlobalFree
GetLastError
GetProcessWorkingSetSize
OutputDebugStringW
GlobalAlloc
GetACP
InitializeCriticalSection
WideCharToMultiByte
lstrcpyW
EnumResourceNamesW
MultiByteToWideChar
lstrlenW
FindClose
LockResource
FreeEnvironmentStringsW
lstrcmpiW
lstrcpyA
GetTickCount
CreateFileMappingW
GetModuleHandleW

advapi32

RegDeleteValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW

ole32

CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemFree
CoUninitialize
CoRegisterClassObject
StringFromGUID2
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb853b7cdaf8385eb1ceeccef9e3d668

Headers

File Characteristics

Imports

shell32

gdi32

psapi

user32

kernel32

advapi32

ole32

oleacc

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 60KB - Virtual size: 59KB

.isete Size: 1024B - Virtual size: 380KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 60KB - Virtual size: 59KB

.isete
Size: 1024B - Virtual size: 380KB