2a967f898f919b652fa95a4fbfc8b1bf_JaffaCakes118

General

Target

2a967f898f919b652fa95a4fbfc8b1bf_JaffaCakes118
Size

296KB
MD5

2a967f898f919b652fa95a4fbfc8b1bf
SHA1

2eb1e990e9eb31d9f4b3a4e5f4713191adcda6a5
SHA256

f185c821b5ec08d7ebb8f05fb0e59a1402579c88531addadf38e1de804ee9821
SHA512

76bcb98d7a6a6f3d9865a447d405a3719541a81ffbadf7fd8f1c66cde94e1613da53340dfa514dd6ea7f016920c41e80cb78c98d1151efa79de5976476b6f94a
SSDEEP

6144:Tui3jeKmPnIWqmgnSdd8htzjQ7ZEdxZtL0gDpXjd/XVqPzgHTVAS+:qxPIt3nSddQ8Cxk8XjebiTC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a967f898f919b652fa95a4fbfc8b1bf_JaffaCakes118

Files

2a967f898f919b652fa95a4fbfc8b1bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96be7ae1e797d768a840413790c81c30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStructA
VirtualProtect
VirtualFree
GetDriveTypeW
VirtualQuery
SetFileAttributesA
ExitProcess
GetPrivateProfileSectionW
ReadConsoleInputW
GetStartupInfoA
FindFirstFileA
GetCommandLineA
lstrlenA
GetVersionExA

user32

MessageBeep
DrawStateW
PostThreadMessageA
MonitorFromWindow
GetScrollRange
EnumClipboardFormats
AppendMenuA
OpenDesktopA
CascadeWindows
CreateWindowStationW
GetDlgItemTextA

gdi32

SetViewportOrgEx
Chord
EnumFontsW
SetBkMode

advapi32

AddAccessAllowedAce
GetSecurityDescriptorOwner
RegRestoreKeyA
DeleteAce
SetSecurityDescriptorOwner
EnumDependentServicesA
OpenSCManagerW
CryptAcquireContextA
QueryServiceConfigA
ObjectDeleteAuditAlarmW
SetKernelObjectSecurity
NotifyBootConfigStatus
RegSetValueA
QueryServiceConfigW
RegisterServiceCtrlHandlerA
ObjectCloseAuditAlarmA
InitializeAcl
SetFileSecurityA
DeregisterEventSource
CloseEventLog

ole32

OleSave

oleaut32

SafeArrayGetLBound
SysAllocStringLen
SafeArrayCreate
VariantChangeType
SafeArrayRedim
LoadTypeLi
SetErrorInfo
SysFreeString
QueryPathOfRegTypeLi

comctl32

ImageList_DrawIndirect
ImageList_GetImageCount
PropertySheetA

shlwapi

StrStrIW
StrCmpNIW
SHEnumValueW
PathCombineA

Sections

.text
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96be7ae1e797d768a840413790c81c30

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 276KB - Virtual size: 272KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 9KB

.text
Size: 276KB - Virtual size: 272KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 9KB