377489b5ee23d6d57f4886debfaf3f23_JaffaCakes118

General

Target

377489b5ee23d6d57f4886debfaf3f23_JaffaCakes118
Size

56KB
MD5

377489b5ee23d6d57f4886debfaf3f23
SHA1

1d4f20cb7d6ef2f11967e801110e9f80dade6c73
SHA256

c5b9310ccdb6f9fa1c12d20fa582785a275011eddd0959919132e459e5de2e51
SHA512

68922dcbd5ab50535290574862088e4813afc7a8798cc26e865f711b484f8e011c81b1e3a83a9214c176aff8624c64f54322402531d63e58e85e2a30959ebc68
SSDEEP

1536:4J+GGh/R7/LKrM1PlVQq8LiAlisDtNo9oXdVfAEy7y5ng:m+GG3mcHtIigi4tNo9oXdVfAEy7y5ng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
377489b5ee23d6d57f4886debfaf3f23_JaffaCakes118

Files

377489b5ee23d6d57f4886debfaf3f23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93a060c497e86a138895b0939f655839

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadMenuA
GetDlgCtrlID
CreateIconIndirect

kernel32

TerminateProcess
lstrlenW
lstrcatA
CloseHandle
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindClose
FreeEnvironmentStringsW
GetCommandLineA
GetCurrentThread
GetFileTime
GetModuleHandleA
GetProcessWorkingSetSize
GetStartupInfoA
GetSystemInfo
GetVersionExA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
IsValidCodePage
MultiByteToWideChar
RtlUnwind
SetLastError
UnmapViewOfFile
TlsSetValue

setupapi

SetupGetStringFieldA
SetupEnumInfSectionsW
SetupDiGetClassDevsA

olepro32

OleIconToCursor

oleacc

GetStateTextA
WindowFromAccessibleObject
CreateStdAccessibleProxyW
GetRoleTextW
AccessibleObjectFromPoint
CreateStdAccessibleProxyA

advapi32

GetMultipleTrusteeW
GetFileSecurityA
MakeAbsoluteSD2
RegDisablePredefinedCache

security

QueryCredentialsAttributesW
QueryContextAttributesW
EnumerateSecurityPackagesW
DeleteSecurityPackageW

Sections

.text
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93a060c497e86a138895b0939f655839

Headers

File Characteristics

Imports

user32

kernel32

setupapi

olepro32

oleacc

advapi32

security

Sections

.text Size: 43KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 43KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB