3cfcaebae8ee39a6f315f4062c44f977_JaffaCakes118

General

Target

3cfcaebae8ee39a6f315f4062c44f977_JaffaCakes118
Size

24KB
MD5

3cfcaebae8ee39a6f315f4062c44f977
SHA1

7c25b3031366e38a5a6b754337afa686b15b2cc4
SHA256

e50815c09b2196f15af3a0bac1c0b7770533845c37bd3c89112efbc70b2efba5
SHA512

cda3e7d025f08c728a771123c20d9abf92a73e872a2c0c2a4579d111cf9361d1033de15885eba16d43d28124f4d731b2ef8babd7b6579c7b535409aa12edfbae
SSDEEP

384:PiV5THAHOdf/NS/tTmKcO5I2as4sqKYdf25mIT:P49zdlS/tTEO9asNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cfcaebae8ee39a6f315f4062c44f977_JaffaCakes118

Files

3cfcaebae8ee39a6f315f4062c44f977_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9238c062f78d671a1b13eb33afdeec68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ChoosePixelFormat
SetPixelV
GdiFixUpHandle
GdiAddGlsRecord
FontIsLinked

ole32

StgCreateDocfileOnILockBytes
OleGetIconOfFile
StgIsStorageFile
CoImpersonateClient
CLSIDFromProgID
IsValidInterface

kernel32

GetCommMask
ExitVDM
FormatMessageA
GetModuleHandleA
TlsAlloc
QueryWin31IniFilesMappedToRegistry
FindFirstChangeNotificationW
GetStartupInfoA
GetCommandLineA
CreateWaitableTimerA
FindAtomW
GetConsoleAliasesLengthW
QueueUserWorkItem
CreateEventW
ResetEvent

msvcrt

_wctime64
_flsbuf
__argc
puts
_mbscmp
_spawnvp
_ui64tow
_spawnle
_cprintf
_fputwchar

advapi32

ConvertSecurityDescriptorToAccessNamedA
CryptSetHashParam
LsaSetSecurityObject
AccessCheckByTypeAndAuditAlarmA
GetUserNameA
LsaSetTrustedDomainInformation
IsValidSecurityDescriptor
EnableTrace
LsaSetInformationTrustedDomain

user32

ClientThreadSetup
EnumPropsA
SetDoubleClickTime
UserLpkTabbedTextOut
SoftModalMessageBox
GetDesktopWindow
DrawCaptionTempW
IsDialogMessageW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9238c062f78d671a1b13eb33afdeec68

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ole32

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 860B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 860B