48849f597654fee2256fc09c6fb4761b_JaffaCakes118

General

Target

48849f597654fee2256fc09c6fb4761b_JaffaCakes118
Size

52KB
MD5

48849f597654fee2256fc09c6fb4761b
SHA1

d2fe6c0e71c01fe7b156094a6ff93c3a20605d62
SHA256

59bf427e063e550fa7d79a1d31b9d16db177366c58c63cd512752964cfc8f91b
SHA512

e958a03626f76cb39e2d27829a74c3239baaf1e2c0281991494751c1211fe3b01158fc3cf09f1ec61d731114fc16da1c6faa2aa67a181e630445fee1f27de814
SSDEEP

1536:JXgspLEV9dIIUqYo5HCsDa3NxZ0g0xKrOVR9i4:B7LEVjXUqYSDa3N30gO7Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48849f597654fee2256fc09c6fb4761b_JaffaCakes118

Files

48849f597654fee2256fc09c6fb4761b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aa38edf62b76faddd95e89ebb9bbc9bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

IsZoomed
InvalidateRgn
DeferWindowPos
CreateMenu

kernel32

VirtualAlloc
WriteFile
SetLastError
SetHandleCount
RtlUnwind
CloseHandle
CreateProcessA
CreateThread
ExitProcess
GetCommandLineA
GetModuleHandleA
GetProcessWorkingSetSize
GetStartupInfoA
GetStringTypeA
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
InitializeCriticalSection
InterlockedIncrement
MultiByteToWideChar

setupapi

SetupDiGetClassDevsExW
SetupDiSetSelectedDriverW
SetupRemoveSectionFromDiskSpaceListA

olepro32

OleTranslateColor
OleCreatePropertyFrame

oleacc

AccessibleChildren
AccessibleObjectFromPoint
GetRoleTextW
GetStateTextW
ObjectFromLresult

advapi32

QueryServiceLockStatusW
RegQueryInfoKeyW
RegEnumKeyW
RegUnLoadKeyW
QueryRecoveryAgentsOnEncryptedFile
ObjectCloseAuditAlarmW
LsaOpenAccount
LockServiceDatabase
GetTrusteeTypeA
EnumServicesStatusExA

security

QueryContextAttributesA
DeleteSecurityContext

Sections

.text
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa38edf62b76faddd95e89ebb9bbc9bc

Headers

File Characteristics

Imports

user32

kernel32

setupapi

olepro32

oleacc

advapi32

security

Sections

.text Size: 39KB - Virtual size: 40KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 39KB - Virtual size: 40KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB