416432112d66c96cdb7440a39f5644ae_JaffaCakes118

General

Target

416432112d66c96cdb7440a39f5644ae_JaffaCakes118
Size

615KB
MD5

416432112d66c96cdb7440a39f5644ae
SHA1

3902bfe8c57aaec6ed37e144a6db1efc7b8acb5a
SHA256

1950eed8a56b6a769e5c8b36a27a640c2e80779868771501c78f3fa4fac1b819
SHA512

d06fa4b88822ff13216e029bc534012c125f7edc6ec55a6964dc09b79c315aade115140eb6269190dabb4896c927ff28311f0bea04066cd8e93290016f784705
SSDEEP

12288:QRc/aDbBT6ewO8y/5AXuMgtpcOc0jgJom5NqYgj+:QWMd30yWbg7cOc0jgJT3qYgS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
416432112d66c96cdb7440a39f5644ae_JaffaCakes118

Files

416432112d66c96cdb7440a39f5644ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9f586a50b29339c84861dcd4633799c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

QueryPathOfRegTypeLi
SysFreeString
LoadTypeLibEx
SafeArrayRedim

ws2_32

accept
WSAAsyncGetServByPort
getprotobyname
gethostname

ole32

CreateOleAdviseHolder
OleSaveToStream
OleFlushClipboard
OleLockRunning

kernel32

GetSystemDirectoryW
SearchPathW
FindResourceExW
ExitProcess
EnumResourceLanguagesW
GetDriveTypeW
IsValidLocale
SetThreadLocale
GetSystemTimeAsFileTime
LocalReAlloc
CreateMutexA
GetCurrentProcessId
CreateMutexW
SetCommMask
DebugBreak
GlobalDeleteAtom
LocalFileTimeToFileTime
GetEnvironmentVariableW
FreeLibrary

user32

IsWindow
BringWindowToTop
GetKeyboardLayoutList
GetScrollInfo
CreateDialogIndirectParamW
GetMonitorInfoW

gdi32

FillRgn
GetEnhMetaFileDescriptionA
GetObjectA
IntersectClipRect
GetViewportOrgEx
GetCharacterPlacementA
SetROP2
CreateDiscardableBitmap
CopyEnhMetaFileW
InvertRgn

Sections

.text
Size: 14KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9f586a50b29339c84861dcd4633799c

Headers

File Characteristics

Imports

oleaut32

ws2_32

ole32

kernel32

user32

gdi32

Sections

.text Size: 14KB - Virtual size: 230KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 14KB - Virtual size: 230KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 16KB - Virtual size: 16KB