393e540a381205d8eaa6cc0b1dc07975_JaffaCakes118

General

Target

393e540a381205d8eaa6cc0b1dc07975_JaffaCakes118
Size

157KB
MD5

393e540a381205d8eaa6cc0b1dc07975
SHA1

2f6c8158d80c8661a43face4a297ac93d236ea4e
SHA256

ffebbe468232a3de9552dc0f85f843806202633cbfb066da23deb439dfe7aa79
SHA512

686efc70988e20707d7bae389bc5da63790f975a0869ef16d7506851647951b4a541b6928ceb3deed66a21a3c2d9f79215ee1896415b19bd83e26a8023676ace
SSDEEP

3072:eNH7JUwAoHgZa/ArnP4egyCVTZ9hqKyuozYC/TP6aUbcTfqENAYB2H7:eNH9lAoAQ/ADQWCVV9QluETP5UjENH2b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
393e540a381205d8eaa6cc0b1dc07975_JaffaCakes118

Files

393e540a381205d8eaa6cc0b1dc07975_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23751abeff440e1606c1c9b5462f37e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW

ole32

CoTaskMemAlloc
CoRevokeClassObject
StringFromGUID2
CoUninitialize
CoTaskMemRealloc
CoRegisterClassObject
CoCreateInstance
CoInitialize
CoTaskMemFree
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

wsprintfW
CharUpperW
SendMessageA
GetMessageW
SetTimer
TranslateMessage
KillTimer
GetDC
PostThreadMessageW
CharNextW
DispatchMessageW
UnregisterClassA

kernel32

FindClose
FillConsoleOutputCharacterA
CreateFileMappingW
WideCharToMultiByte
GetProcessWorkingSetSize
lstrlenW
GetLastError
OutputDebugStringW
GetTickCount
GlobalFree
LockResource
EnumResourceNamesA
GlobalAlloc
GetACP
lstrcpyA
MultiByteToWideChar
FreeEnvironmentStringsW
GetCPInfo
lstrcmpiW
lstrcpyW
InitializeCriticalSection
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23751abeff440e1606c1c9b5462f37e7

Headers

File Characteristics

Imports

advapi32

ole32

oleacc

user32

kernel32

shlwapi

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 53KB - Virtual size: 52KB

.isete Size: 1024B - Virtual size: 100KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 53KB - Virtual size: 52KB

.isete
Size: 1024B - Virtual size: 100KB