22c9cd78481676c42e9dc5e5c5e5d7d0_JaffaCakes118

General

Target

22c9cd78481676c42e9dc5e5c5e5d7d0_JaffaCakes118
Size

23KB
MD5

22c9cd78481676c42e9dc5e5c5e5d7d0
SHA1

d25d47af2e12037bcbbe1b9530830e369d9df4b2
SHA256

9e90c02be84287c8cd8ed476e5ec77e8cd311175eff08617600993f34160ac3c
SHA512

697c303e69ddf9a64de0df522c79ddbcaed4c9807db55d96274b832551edbb7221ef52d5df3f590f4525b314bd43275ebb7328ff933085ef03cf778d6ecd555e
SSDEEP

384:aVwLi+W5fZMMfqRJiC5cBI0Wm8l1IcSXXEAnVQkrB8Wd0q:+EMpZVfKJiC5kM1dPAHFtOq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22c9cd78481676c42e9dc5e5c5e5d7d0_JaffaCakes118

Files

22c9cd78481676c42e9dc5e5c5e5d7d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

acb4387e40862a6182a664ced5b4d8ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AnyLinkedFonts
GdiDeleteSpoolFileHandle
XLATEOBJ_iXlate
GdiEntry1
EngComputeGlyphSet
GdiGetSpoolFileHandle

kernel32

TlsFree
SystemTimeToTzSpecificLocalTime
OpenProfileUserMapping
WaitForMultipleObjects
PostQueuedCompletionStatus
GetCommModemStatus
ReadFile
SetCommConfig
MapViewOfFileEx
Thread32Next
FindFirstFileW
ReadConsoleA
SleepEx
GlobalMemoryStatus
WriteTapemark

advapi32

SystemFunction032
ChangeServiceConfig2W
DuplicateEncryptionInfoFile
CryptGetUserKey
ElfNumberOfRecords
BuildSecurityDescriptorA
CryptSetKeyParam
SystemFunction026
GetSecurityInfoExA

ole32

ReadStringStream
OleLockRunning
UpdateDCOMSettings
CoCreateFreeThreadedMarshaler
HMETAFILEPICT_UserFree
OleConvertOLESTREAMToIStorageEx
WdtpInterfacePointer_UserFree

msvcrt

_execlpe
iswgraph
_execvp
tan
fputwc
_pwctype
__winitenv
strncat
_Getmonths
exp

user32

DlgDirSelectExW
SetDoubleClickTime
AttachThreadInput
SetFocus
PeekMessageW
DlgDirListComboBoxW
RegisterTasklist
GetCursorInfo

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acb4387e40862a6182a664ced5b4d8ce

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

advapi32

ole32

msvcrt

user32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 5KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 5KB