2d5f926f2c8bb4b995948e400c08592b_JaffaCakes118

General

Target

2d5f926f2c8bb4b995948e400c08592b_JaffaCakes118
Size

41KB
MD5

2d5f926f2c8bb4b995948e400c08592b
SHA1

f5121808a3be49d7db7535228d23a988bc47e552
SHA256

199e02d572bc4229f60f7cebb69ac4c6cfa338008b0fe6a37e012e58a3ec6104
SHA512

c23824ca53032f5d471591ff4e5bd60b60822a679609415d4323243e251ff8b243f361043144b9c4669bcd5547d1fd6c89150f2ce8b6475fc22395612266215f
SSDEEP

768:fu9yTrb+NKJIzCD3J4duC/Fspz5NyRJV3oJDZekWHb4SSUoT6VMdfV:m3NKJuCyuCNozKJVGDZOHb4SHVMd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d5f926f2c8bb4b995948e400c08592b_JaffaCakes118

Files

2d5f926f2c8bb4b995948e400c08592b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9da249b9940dae53ab31073fe9475d7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelDeviceWakeupRequest
CloseProfileUserMapping
CreateRemoteThread
CreateSocketHandle
DeleteFileW
EnumCalendarInfoW
EnumResourceNamesW
EnumSystemCodePagesA
ExitProcess
GetConsoleTitleA
GetEnvironmentVariableA
GetLocaleInfoW
GetNumberOfConsoleMouseButtons
GetProcessWorkingSetSize
GetWindowsDirectoryW
GlobalWire
LoadModule
LockFile
OutputDebugStringW
RtlUnwind
VerLanguageNameW
VirtualUnlock
WaitNamedPipeW
WinExec
WriteFileEx
_hwrite
lstrcpynA
lstrlenA

advapi32

AddAce
AddAuditAccessAce
BuildImpersonateExplicitAccessWithNameW
BuildImpersonateTrusteeW
ChangeServiceConfigW
CryptEnumProviderTypesA
EnumServicesStatusA
GetCurrentHwProfileW
GetMultipleTrusteeOperationW
GetNamedSecurityInfoA
IsValidSid
LookupPrivilegeDisplayNameA
LookupPrivilegeNameA
LookupSecurityDescriptorPartsW
ObjectOpenAuditAlarmA
OpenBackupEventLogW
OpenSCManagerA
RegConnectRegistryA
RegCreateKeyExW
RegOpenKeyA
RegOpenKeyW
RegQueryMultipleValuesA
RegQueryValueA
RegQueryValueExW
RegReplaceKeyA
RegUnLoadKeyW

user32

CallNextHookEx
CharPrevExA
CopyIcon
CreateIcon
DdeGetData
DdeUninitialize
DialogBoxIndirectParamW
DlgDirListW
EqualRect
FindWindowW
GetActiveWindow
GetGUIThreadInfo
GetKBCodePage
GetWindowLongW
LoadCursorFromFileW
MapVirtualKeyA
MapVirtualKeyW
MessageBoxA
MessageBoxExA
PeekMessageW
SendDlgItemMessageA
SetMenuItemBitmaps
SetUserObjectInformationW
SubtractRect
UnregisterClassW
WINNLSGetIMEHotkey
WaitMessage

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9da249b9940dae53ab31073fe9475d7b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 39KB - Virtual size: 48KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 39KB - Virtual size: 48KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 4KB