3172314673b0c5fa8d6dcdbcd5c9c10a_JaffaCakes118

General

Target

3172314673b0c5fa8d6dcdbcd5c9c10a_JaffaCakes118
Size

9KB
MD5

3172314673b0c5fa8d6dcdbcd5c9c10a
SHA1

420c273940965fdf00732545cb029bf165f13cd8
SHA256

60009a2d2ad60fefa1823b5e0a743b2be98410bbff20ce62aeff38cf979ea534
SHA512

363a93b563842c1094f5f2e0e5299ad6cdbdbc7539210fb3afb5aba1ccbe9b6b3c59fccae1119bfb611f7072aa99d137a5bbc82bc18a6cc6b5df456afb61ec47
SSDEEP

192:YU1s+r1s+e1Kqu62Ku33jc5wVlohya1X2J7g9qcu7hMjUJ:57SKLwiQrXhU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3172314673b0c5fa8d6dcdbcd5c9c10a_JaffaCakes118

Files

3172314673b0c5fa8d6dcdbcd5c9c10a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63599211b44bb7ffe7083f3e9038a03b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
CreateDirectoryExA
EnumResourceLanguagesA
EnumSystemLocalesW
ExitProcess
GetModuleFileNameA
GetProfileStringW
GetStdHandle
GetVersion
GetVolumeInformationA
Heap32Next
InitAtomTable
LoadLibraryA
Module32Next
MoveFileW
OpenFileMappingA
ReadConsoleA
ReleaseMutex
RemoveDirectoryW
SetConsoleActiveScreenBuffer
SetUnhandledExceptionFilter
TlsGetValue
WriteConsoleOutputA

advapi32

AccessCheck
AddAccessAllowedAce
AddAccessDeniedAce
AddAce
AdjustTokenPrivileges
BuildImpersonateExplicitAccessWithNameA
BuildTrusteeWithSidA
CryptDecrypt
CryptGetHashParam
DeregisterEventSource
EnumDependentServicesW
GetAce
GetSecurityInfoExA
InitiateSystemShutdownW
LookupAccountNameW
MakeAbsoluteSD
NotifyBootConfigStatus
QueryServiceStatus
ReadEventLogW
RegisterServiceCtrlHandlerW
SetNamedSecurityInfoExW
SetSecurityDescriptorGroup
StartServiceCtrlDispatcherW

user32

CharLowerA
CreateWindowExW
DdeAddData
DefMDIChildProcW
DialogBoxIndirectParamW
DispatchMessageA
DragDetect
EnableWindow
EqualRect
FindWindowExA
GetCursor
GetFocus
GetMenuItemRect
GetUserObjectSecurity
LoadAcceleratorsA
LoadCursorFromFileA
MsgWaitForMultipleObjects
PostThreadMessageA
PtInRect
RemovePropW
SetCursor
SetRectEmpty
SetSysColors
SetWindowPlacement
WindowFromPoint
wvsprintfA

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63599211b44bb7ffe7083f3e9038a03b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 8KB - Virtual size: 20KB

.idata Size: - Virtual size: 12KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 20KB

.idata
Size: - Virtual size: 12KB

.rsrc
Size: - Virtual size: 8KB