1659e8f63d89a76653e5f1e0931f167d_JaffaCakes118

General

Target

1659e8f63d89a76653e5f1e0931f167d_JaffaCakes118
Size

109KB
MD5

1659e8f63d89a76653e5f1e0931f167d
SHA1

efb4a41e5a883664c15357ea2350ea7526db8399
SHA256

976844b55bc8c0d3f8cd277c5c2e856ce7feb058a3649653ad15c4602104f1ec
SHA512

b2e2d2e929b56055a7c34d4589383059c9e50a429561efa223d233c852b3ed5851124d00196aed3bbd1b47cc46cf82d1a4fd669e935ac019b594c4da9bb49a0e
SSDEEP

3072:IZWQqUVDo3LQ3qpijh1lv3//ErJV2SZyL:IZWuSWqpul3//ErX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1659e8f63d89a76653e5f1e0931f167d_JaffaCakes118

Files

1659e8f63d89a76653e5f1e0931f167d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89f727340a5ab3c21c08ef395d5f2c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetLastError
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
GetProcessHeap
HeapFree
HeapAlloc
GetStdHandle
Sleep
LoadLibraryW
GetCurrentThread
GetVersion
WaitForSingleObject
GetStartupInfoA

user32

EmptyClipboard
OpenClipboard
CloseClipboard
ExitWindowsEx
DrawMenuBar
RemoveMenu
CheckMenuRadioItem
CreateMenu
SetMenuItemBitmaps
RegisterWindowMessageA
DispatchMessageW
TranslateMessage
PostQuitMessage
LoadBitmapA
GetKeyState
SetUserObjectSecurity
GetUserObjectSecurity
GetWindow
SendMessageTimeoutA
GetDlgCtrlID
SetClipboardData
EnumWindows
CheckRadioButton

advapi32

ControlService
LookupPrivilegeValueW
AdjustTokenPrivileges
SetServiceStatus
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CloseServiceHandle

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
div
abs
feof

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89f727340a5ab3c21c08ef395d5f2c5b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 35KB - Virtual size: 45KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 35KB - Virtual size: 45KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB