330e0b8a279f9bc161569bd4c0dedafe_JaffaCakes118

General

Target

330e0b8a279f9bc161569bd4c0dedafe_JaffaCakes118
Size

227KB
MD5

330e0b8a279f9bc161569bd4c0dedafe
SHA1

69f3e2d36a3b1f4505bc4482b25798dd270ebd5e
SHA256

a92fb44ae867acc11cf24ee0f8bbbe5475d333b5c71749d02bf2a2a6910b19fc
SHA512

5c71240440dd31975760b7fc04773fc4af45aa953bc92f4479f6fb228f9a4cd48d762b03bcb5bbc23dd3d4e1f1cd3eba18b4c406148964ff3d16af40c6c81a38
SSDEEP

6144:zq3M1VryF6uWCCQTIGero5bnWz8P7GU9nxc+w/EVy:+wryU6kGerooY7Gsc+wsV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
330e0b8a279f9bc161569bd4c0dedafe_JaffaCakes118

Files

330e0b8a279f9bc161569bd4c0dedafe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdcc84de212b0e7184d78ff06101a675

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
ExitThread
ExpandEnvironmentStringsW
FatalAppExitA
FindCloseChangeNotification
GetThreadTimes
LCMapStringA
OpenMutexW
PulseEvent
ReadConsoleInputA
ReleaseMutex
SetConsoleTitleA
SystemTimeToTzSpecificLocalTime
lstrcmpi

advapi32

AddAuditAccessAce
ControlService
CryptSetProviderExW
FreeSid
GetExplicitEntriesFromAclA
GetNamedSecurityInfoExW
GetSecurityDescriptorControl
GetSidLengthRequired
IsValidSecurityDescriptor
LogonUserW
LookupPrivilegeDisplayNameW
RegNotifyChangeKeyValue
RegOpenKeyA
RegSetValueW

shell32

DuplicateIcon
ExtractAssociatedIconExW
ExtractIconResInfoW
InternalExtractIconListA
SHFileOperationW
SHFreeNameMappings
SHGetMalloc
SHGetNewLinkInfo
SheChangeDirExA
SheChangeDirW

gdi32

CreateMetaFileW
ExcludeClipRect
ExtCreateRegion
GetBitmapBits
GetTextMetricsW
GetWorldTransform
Pie
SetDeviceGammaRamp
SetMetaRgn
SetTextColor
SetWindowExtEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 223KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdcc84de212b0e7184d78ff06101a675

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 223KB - Virtual size: 224KB

.rsrc Size: 1024B - Virtual size: 240KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 223KB - Virtual size: 224KB

.rsrc
Size: 1024B - Virtual size: 240KB