344c721af5ac66ac7d1ad192e99b5f6a_JaffaCakes118

General

Target

344c721af5ac66ac7d1ad192e99b5f6a_JaffaCakes118
Size

390KB
MD5

344c721af5ac66ac7d1ad192e99b5f6a
SHA1

a742c996ad4df68934d3f1bcdff3aa3cc1c0f7cc
SHA256

2754c03a0ee1887569d08a2310bf9013376dc5b388bba6eed5bd6e4a0d6a1f3e
SHA512

7062789a5a21a5157a0f1790579dd0b6ac4b09aa30698a9ecaba9fc985c2495dcf057289163ff5230c9748c6409e4466bef314c99d323d4e8f32759cd5e46ea0
SSDEEP

12288:xmt9MSVd3v+WEiDeW1lw1SMs2iuYGyrdXK3qNC:xKjrprse2XQ1Kb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
344c721af5ac66ac7d1ad192e99b5f6a_JaffaCakes118

Files

344c721af5ac66ac7d1ad192e99b5f6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a21b0f69b6ff7f7a68c4da4829670bb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
ReplaceTextW
LoadAlterBitmap
ChooseFontA
GetOpenFileNameA
PrintDlgW
ReplaceTextA
GetOpenFileNameW
ChooseFontW
ChooseColorA
PageSetupDlgW
GetSaveFileNameA
PrintDlgA
ChooseColorW
GetFileTitleA
GetFileTitleW
PageSetupDlgA
FindTextA

gdi32

GetCharABCWidthsW
GetTextColor
GetTextCharacterExtra
AddFontResourceW
ExtEscape

advapi32

CryptGenKey
CryptSetProviderA
LookupPrivilegeNameA
DuplicateTokenEx
CryptGetKeyParam
CryptDeriveKey
ReportEventA
CryptSetProvParam
RegReplaceKeyA
LookupAccountSidW
CryptGenRandom
RegNotifyChangeKeyValue

user32

MoveWindow
DdeFreeDataHandle
SetParent
CallNextHookEx
GetWindowLongW
CopyIcon
GetMonitorInfoA
TranslateAcceleratorA
GetClassLongA
ChangeMenuA
GetDlgItem

kernel32

CreateFileMappingW
FreeLibrary
EnumSystemLocalesW
VirtualAlloc
QueryPerformanceCounter
EnumDateFormatsExA
RtlUnwind
GetSystemTime
InterlockedExchange
SetConsoleTitleA
UnmapViewOfFile
GetTickCount
GetConsoleCP
GetModuleHandleA
SetVolumeLabelW
VirtualQuery
ReadConsoleOutputCharacterA
ExitProcess
GetProcAddress
TerminateProcess
GetModuleFileNameA
MoveFileA
GetProcessAffinityMask
HeapReAlloc
GetCurrentThreadId
GetCurrentProcess
ReadConsoleInputA
LoadLibraryA
LoadLibraryW
HeapFree
GetSystemTimeAsFileTime
SetPriorityClass
GetConsoleTitleW
HeapAlloc
GetCurrentProcessId

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a21b0f69b6ff7f7a68c4da4829670bb5

Headers

File Characteristics

Imports

comdlg32

gdi32

advapi32

user32

kernel32

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 264KB - Virtual size: 263KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 264KB - Virtual size: 263KB

.rsrc
Size: 13KB - Virtual size: 12KB