3cb0428b159b868e04b5e2b8e4dce6aa_JaffaCakes118

General

Target

3cb0428b159b868e04b5e2b8e4dce6aa_JaffaCakes118
Size

23KB
MD5

3cb0428b159b868e04b5e2b8e4dce6aa
SHA1

d9bd971a7308127b3ac22dbbe25f38b66b1d1ef4
SHA256

a9fb7b7097b14c769234b73ebd4df2ce492cacca0b0e7567018278630af4b84e
SHA512

4b66f1cf62c860e3bad47554d707ade9f2ac4ddb9188d9f474c1edc6cf2d6d871aee38f4efd40b47bd788d9c9bf03e8960cb6fb0103c224d00c4b0a0a38dc24a
SSDEEP

384:BKG3o/8t1rkRKnYtAcbe/lvr7kJU8FNClddi4s2kwOsPVzCDPbI9fzr7fr7fr7fw:Jo8tuRKnVcbKF3Q/3uqIlbHHHHHEH05q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb0428b159b868e04b5e2b8e4dce6aa_JaffaCakes118

Files

3cb0428b159b868e04b5e2b8e4dce6aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dd27f9702e749fa79b16dfca0032bbc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

DllDebugObjectRPCHook
CoSwitchCallContext
CoCreateInstance
HICON_UserSize
CoUnmarshalHresult
HBRUSH_UserFree
DoDragDrop

user32

ReleaseDC
GetLastActivePopup
RegisterClipboardFormatW
TranslateMessageEx
ArrangeIconicWindows
ExitWindowsEx
GetCaretBlinkTime
WaitForInputIdle

msvcrt

__p__dstbias
__unguarded_readlc_active
_ismbbprint
_mbsnicmp
_wstrdate
wcsspn
wcslen
_mbsnset
_ismbchira
_ismbcspace

advapi32

LsaGetRemoteUserName
RegisterServiceCtrlHandlerExA
SystemFunction035
CreateServiceW
RegCloseKey
LookupPrivilegeValueW
QueryWindows31FilesMigration
RemoveTraceCallback
CryptSignHashW

gdi32

GetDIBits
EngDeleteClip
RemoveFontResourceTracking
AddFontMemResourceEx
GetCharWidthW
SetBoundsRect

kernel32

WriteProfileSectionA
GetCompressedFileSizeA
UnhandledExceptionFilter
GetProfileSectionW
CreateSemaphoreA
SetSystemTimeAdjustment
lstrcpyn
GetSystemTime
Heap32First
HeapCreateTagsW
FindNextChangeNotification
lstrcpynA
GetConsoleTitleW
GetFileAttributesA
LocalReAlloc

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd27f9702e749fa79b16dfca0032bbc3

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

msvcrt

advapi32

gdi32

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 5KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 5KB