374894b37e59791ecc598b68440d8d3d_JaffaCakes118

General

Target

374894b37e59791ecc598b68440d8d3d_JaffaCakes118
Size

10KB
MD5

374894b37e59791ecc598b68440d8d3d
SHA1

17371f18318026c11460bc55abad914d1da712a8
SHA256

c9d7ea12db9d62f37a50e78aaffa9307ebc366865ddaa55c6b7a00959dffdbe2
SHA512

0d855b7d3d80475b0fc6fd6ca4b83059c4172f2ca53298226eb7ad2c9f4739d696a20b8200d406899443204200b4b4de35e45825c8c2ec3070eb6977df20657b
SSDEEP

192:f8LQyxeufaIoblxMqRTY5HSh7Hg+Eq9TNcsgJgm4orenIFiq:fwDX0X05yFA+EqlgJgm4oreI8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
374894b37e59791ecc598b68440d8d3d_JaffaCakes118

Files

374894b37e59791ecc598b68440d8d3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32dac34be66e61b4cbb887e5fcf1b80f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseProfileUserMapping
CreateDirectoryW
DebugBreak
ExitProcess
GetCPInfo
GetCompressedFileSizeA
GetCompressedFileSizeW
GetComputerNameA
GetConsoleTitleW
GetFileAttributesA
GetLargestConsoleWindowSize
GetLogicalDriveStringsW
GetStartupInfoA
GetStringTypeExW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetUserDefaultLCID
GlobalAddAtomA
OutputDebugStringA
PostQueuedCompletionStatus
WaitForDebugEvent

advapi32

AllocateLocallyUniqueId
BuildImpersonateExplicitAccessWithNameA
ControlService
CryptContextAddRef
CryptGenRandom
CryptSetHashParam
DeregisterEventSource
GetAuditedPermissionsFromAclW
GetCurrentHwProfileA
GetCurrentHwProfileW
GetEffectiveRightsFromAclW
GetExplicitEntriesFromAclA
GetMultipleTrusteeOperationA
GetSecurityInfoExA
LookupAccountNameW
QueryServiceObjectSecurity
RegCreateKeyExW
RegDeleteValueW
RegReplaceKeyW
RegUnLoadKeyA
RegUnLoadKeyW
SetEntriesInAccessListA
SetKernelObjectSecurity
SetThreadToken
UnlockServiceDatabase

user32

AnimateWindow
CloseWindow
CloseWindowStation
CreateDialogParamA
DdeQueryStringW
DestroyCursor
DispatchMessageA
DispatchMessageW
DrawAnimatedRects
EndMenu
EnumPropsExW
GetDC
GetDCEx
GetGuiResources
GetMenu
GetMessageTime
GetProcessDefaultLayout
IsCharUpperA
LockWindowUpdate
RegisterClassW
RegisterDeviceNotificationA
ReplyMessage
SetMessageExtraInfo
SetSystemCursor
ToAscii
VkKeyScanExA
VkKeyScanExW

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32dac34be66e61b4cbb887e5fcf1b80f

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 4KB