35971272e308e67702618af16c91e35e_JaffaCakes118

General

Target

35971272e308e67702618af16c91e35e_JaffaCakes118
Size

54KB
MD5

35971272e308e67702618af16c91e35e
SHA1

3b6a7ca7e8413d37c0a4b095dc137174e9295f93
SHA256

301e4bba5af95f8556c8fa5c878861294bbc565c2963b6274a19517950a20e03
SHA512

d4e60298ec5785ef2a9b419f1db87b607cede5a2d98397607cbea326d312f414ff595dede876a8a673d3da380c3115dfe761478f16232de7d14709b394ee53dd
SSDEEP

1536:aT5FW6txfNNwSnUDaeyKos1AYupdQtiK75jdMvg:a5FxfsdpjS6R52g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35971272e308e67702618af16c91e35e_JaffaCakes118

Files

35971272e308e67702618af16c91e35e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79440954eda5130ec8f7524da2ac3684

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseCapture
GetDlgItemTextA
DestroyWindow

kernel32

WideCharToMultiByte
UnhandledExceptionFilter
SetLastError
CloseHandle
CreateConsoleScreenBuffer
CreateProcessA
CreateThread
ExitProcess
FindClose
FreeEnvironmentStringsA
GetCPInfo
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind

security

QuerySecurityPackageInfoA
ImportSecurityContextA

olepro32

OleCreatePropertyFrameIndirect

oleacc

WindowFromAccessibleObject
AccessibleChildren
AccessibleObjectFromWindow
CreateStdAccessibleObject
GetOleaccVersionInfo
LresultFromObject
ObjectFromLresult

advapi32

RegOpenKeyA
GetTrusteeFormW
ElfOpenBackupEventLogA
ElfBackupEventLogFileW
CryptDuplicateKey
CommandLineFromMsiDescriptor

setupapi

SetupQueryInfVersionInformationW
SetupInitializeFileLogA
SetupDiGetINFClassW
SetupDiCreateDevRegKeyW
SetupDiGetActualSectionToInstallExW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyW

Sections

.text
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79440954eda5130ec8f7524da2ac3684

Headers

File Characteristics

Imports

user32

kernel32

security

olepro32

oleacc

advapi32

setupapi

Sections

.text Size: 41KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 41KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB