3ca4661138c53d47da9403abed578079_JaffaCakes118

General

Target

3ca4661138c53d47da9403abed578079_JaffaCakes118
Size

74KB
MD5

3ca4661138c53d47da9403abed578079
SHA1

e80b9252f55bb68a100d557d790e827098dab866
SHA256

6c220ed23482f984d2257ceb267258d8d9cf6261a0be586db5baa93f55ee3038
SHA512

c26568e4a42269c2cde362775364c4c492a304b377506ed18f77fcf82126b03895d43a3e8b822c43c6ea3e039dbca898a8abb7ee3b5b9f6e0708fd89fae9c7ae
SSDEEP

1536:9nUVYZ0mU35iDL0HXEtTlVmLksCjs9mN0S5e0Hjzl:9nzamUIDYHo0LVKs9mHXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca4661138c53d47da9403abed578079_JaffaCakes118

Files

3ca4661138c53d47da9403abed578079_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7bf2bd0b650637bdeaa873ec51947f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkW
GetModuleHandleA
BuildCommDCBW
_hread
SetWaitableTimer
FormatMessageW
SetWaitableTimer
GetUserDefaultLCID
IsBadHugeReadPtr
GetStartupInfoA
DebugActiveProcess
VirtualFree
SetConsoleCommandHistoryMode
SetConsoleKeyShortcuts
GetCommandLineA

gdi32

GetCharABCWidthsFloatW
GdiSetLastError
GetFontAssocStatus
GdiQueryFonts
EngDeleteSemaphore

advapi32

BuildImpersonateExplicitAccessWithNameA
AccessCheckByTypeAndAuditAlarmA
SetSecurityInfoExA
RegEnumValueA
ObjectPrivilegeAuditAlarmA
WmiSetSingleInstanceA
WmiQueryAllDataW
RegEnumValueA
CryptDestroyKey

ole32

StgOpenStorageOnILockBytes
CoFileTimeNow
OleRegEnumVerbs
IsValidPtrIn
SNB_UserMarshal
HWND_UserFree

user32

RegisterLogonProcess
CharPrevExA
SetUserObjectInformationW
DestroyCaret
MonitorFromWindow
EnumDisplaySettingsA
EnumPropsA
RegisterWindowMessageW

msvcrt

_mbclen
_CIlog10
_fstat64
_ismbblead
_open
isspace
_snprintf
iswctype
_wcsnicmp
_mbsupr

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7bf2bd0b650637bdeaa873ec51947f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

ole32

user32

msvcrt

Sections

.text Size: 70KB - Virtual size: 70KB

.data Size: 2KB - Virtual size: 121KB

.rsrc Size: 1024B - Virtual size: 780B

.text
Size: 70KB - Virtual size: 70KB

.data
Size: 2KB - Virtual size: 121KB

.rsrc
Size: 1024B - Virtual size: 780B