416181a56247b157bac974ae2826574b_JaffaCakes118

General

Target

416181a56247b157bac974ae2826574b_JaffaCakes118
Size

44KB
MD5

416181a56247b157bac974ae2826574b
SHA1

38fbe74555684d82fb8fb6b958a0e4ae6b96cd3d
SHA256

28a03f7b0d9aec1cb274467d20c14d19fbe7ca70cd906764fa9489009cebe62e
SHA512

b13f9e12f675ebab273b32d469937758579d068d96ea9a402a495e4dee742ed9dc22e9a1f70b90f81bf6dd57de0fd4a6d737dffa19ca1519329ec073e03df4ca
SSDEEP

768:zkvECopBe1pfO81ilRAmZ3jU+JJHbpIxm3xDNCL0nvDVpckU1laFFtADl:zfCEBebxoU+hpIA3HC0lULa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
416181a56247b157bac974ae2826574b_JaffaCakes118

Files

416181a56247b157bac974ae2826574b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b9a61e05b10946245805edc6f51a044

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreatePipe
ExitProcess
GetEnvironmentStringsW
GetExitCodeProcess
GetLongPathNameA
GetSystemPowerStatus
GetTapeParameters
GetVersionExA
HeapWalk
InterlockedDecrement
LocalSize
MulDiv
QueryPerformanceCounter
ReadFileScatter
ReleaseSemaphore
SetComputerNameA
SetEnvironmentVariableA
SetFileApisToANSI
WriteFile
_lopen

advapi32

BuildImpersonateExplicitAccessWithNameW
BuildTrusteeWithSidW
ClearEventLogW
CloseServiceHandle
CopySid
CreateProcessAsUserA
CryptHashSessionKey
CryptSetKeyParam
CryptSetProvParam
EnumServicesStatusW
EqualSid
GetAccessPermissionsForObjectW
GetOverlappedAccessResults
GetSidSubAuthority
LogonUserA
LookupAccountSidW
LookupSecurityDescriptorPartsW
QueryServiceLockStatusA
RegQueryMultipleValuesW
RegQueryValueW
ReportEventA
SetNamedSecurityInfoW

gdi32

CheckColorsInGamut
Chord
CloseMetaFile
CreateBrushIndirect
CreateFontA
DeleteDC
GdiPlayDCScript
GetArcDirection
GetBrushOrgEx
GetColorAdjustment
GetCurrentObject
GetDIBits
GetEnhMetaFileDescriptionW
GetLayout
GetMapMode
GetTextExtentPoint32W
GetTextMetricsW
MoveToEx
OffsetClipRgn
PtInRegion
RealizePalette
SetICMProfileA
SetPaletteEntries
SetPixelV
SetStretchBltMode
TranslateCharsetInfo
gdiPlaySpoolStream

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b9a61e05b10946245805edc6f51a044

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 42KB - Virtual size: 48KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 42KB - Virtual size: 48KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 8KB