2bda3a16edb4055bec1da4c3967a1659_JaffaCakes118

General

Target

2bda3a16edb4055bec1da4c3967a1659_JaffaCakes118
Size

23KB
MD5

2bda3a16edb4055bec1da4c3967a1659
SHA1

eff95905fe848f8ee5b0b229f3041440a5a2257a
SHA256

355302ea115d09bada9b40874da2eaaf9cc9ca1bd8746ba8c6961b6238236f97
SHA512

ea96e9943ed601fc35ed7a7916980b06f548277a191c11f3dd3f0a1b24d7098aa587639935cf23ebc79d7f4a0b02d950203cac2ae1f36f6e327250748db4244a
SSDEEP

384:AV7Pv7HPdgS9+5vHvqzrwFQ1Pfx9aCnqAR2XQy4o233333AHHHHHHHHHHH+HHWF:y7H7HmSmvHvqzrkqPraXKRy2HHQHHHHL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bda3a16edb4055bec1da4c3967a1659_JaffaCakes118

Files

2bda3a16edb4055bec1da4c3967a1659_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fb0ca27a34076ad27c64a45df347ee8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PtInRect
ArrangeIconicWindows
EnumWindows
DdeUnaccessData
SendMessageTimeoutW
DdeSetUserHandle
NotifyWinEvent
IsCharAlphaA

msvcrt

_wopen
_aexit_rtn
_exit
_cwait
_wfullpath
strtoul
_creat
fputwc
_strlwr
fsetpos

kernel32

SetVolumeLabelA
GetTimeFormatW
InterlockedExchange
GetStdHandle
SetConsoleInputExeNameA
GlobalFindAtomW
SetLocalTime
InterlockedExchange
lstrlenA
EscapeCommFunction
EnumResourceTypesA
SwitchToFiber
WriteConsoleInputVDMW
GetFileType
GetExitCodeThread

gdi32

GetCharWidthI
SetRectRgn
SaveDC
GetObjectW
GetObjectType
GetTextMetricsA

advapi32

RegGetKeySecurity
SystemFunction014
LsaSetInformationPolicy
OpenProcessToken
CryptSetHashParam
RegQueryInfoKeyW
RegOpenKeyW
WmiDevInstToInstanceNameA
RegSaveKeyA

ole32

HDC_UserSize
OleLockRunning
ReadClassStm
OleGetAutoConvert
CreateAntiMoniker
HENHMETAFILE_UserSize
CreateFileMoniker

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb0ca27a34076ad27c64a45df347ee8a

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

kernel32

gdi32

advapi32

ole32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 5KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 5KB