2be0306238ff5e78b911dd4c2d92957d_JaffaCakes118

General

Target

2be0306238ff5e78b911dd4c2d92957d_JaffaCakes118
Size

99KB
MD5

2be0306238ff5e78b911dd4c2d92957d
SHA1

36f4789639db7903b977e69dbab60912c7da04d8
SHA256

9f6e19f3f04ed19f3012d9c276cb7ea68cd363fc72c3c81b451b57436ef5bd38
SHA512

c2e8b977eb797e68a262b63f72ddcb6f1d2eb42260e72b931f7a63798a53113dbd76504742460b3857ef79a53e408127af2b9f5f5ad9e15c97fc45ab04ae88a9
SSDEEP

1536:xB4qDXzchThE3YeMOR4bAouBov/AVSdXfW6vc8PEToporbfXzxw2TuqDxVM5Y7Th:waMxA5B2dut8M06bfXzxTuq9VMGTh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be0306238ff5e78b911dd4c2d92957d_JaffaCakes118

Files

2be0306238ff5e78b911dd4c2d92957d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10a7e3fc76bc0fc9785d31630a426f0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
__getmainargs
fread
wcschr
strcspn
__p__commode
atexit
fopen
__setusermatherr
_adjust_fdiv
_open
exit
sqrt
__p___initenv
fgetpos
_mbsicmp
wcsncmp
__p__fmode
abort
_acmdln
_except_handler3
floor
memcpy
_unlock
_cexit
_pipe
__set_app_type
swscanf
_XcptFilter
_initterm
perror
ungetc

kernel32

VirtualProtect
GetStartupInfoW
FlushFileBuffers
GetModuleFileNameA
GetEnvironmentStringsW
QueryPerformanceCounter
WritePrivateProfileStringA
GetStartupInfoA
EnumCalendarInfoA
GetStringTypeA
WaitForMultipleObjects
lstrcpynA
GetStdHandle
GetModuleHandleA

user32

WinHelpA
CharLowerA
EndDialog
GetSysColorBrush
GetDlgItem
CreateWindowExA
CloseClipboard
SetWindowTextA
GetWindowPlacement
DrawIconEx
EnableMenuItem
GetMenuStringA

oleaut32

VariantInit
GetErrorInfo
SysReAllocStringLen
VariantClear
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayGetUBound

advapi32

RegQueryInfoKeyW
GetSecurityDescriptorDacl
RegCreateKeyA
GetLengthSid
CryptHashData
RegSetValueExA
CryptGenRandom
LookupPrivilegeValueW
RegOpenKeyExA
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
CryptReleaseContext
InitializeAcl
FreeSid
DeleteService
OpenSCManagerW
RevertToSelf
RegEnumKeyExW
RegEnumKeyA

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10a7e3fc76bc0fc9785d31630a426f0a

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

oleaut32

advapi32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 24KB - Virtual size: 23KB