59acc179c990dea405bb164f81a63e59_JaffaCakes118

General

Target

59acc179c990dea405bb164f81a63e59_JaffaCakes118
Size

32KB
MD5

59acc179c990dea405bb164f81a63e59
SHA1

182ac6f2a85b604a65ba13c9c9f823c1812c2c10
SHA256

913061f0dcf4363b3feecd74c98e14cff019d29b1ac40805f8a8abded0cc89f5
SHA512

1c2d6b4fd2d08dddee8eb9e81fbbdfae59f075b91200ea8fea9a06b2900011061cf267cec217102863525876ffd4be92b11cd753b1c64921514d4250d6c2d01c
SSDEEP

768:32TYeQOI9/quN9uwl0EiFvyk0L6Fem1FB2:32TjQr/LJl0EOvyk02FemJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59acc179c990dea405bb164f81a63e59_JaffaCakes118

Files

59acc179c990dea405bb164f81a63e59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cec586cd3cde40d8b8f7af62dd7d4d9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

??0STRING_ARRAY@@QAE@XZ
?Fatal@PROGRAM@@UBEXXZ
?NewBuf@DSTRING@@UAEEK@Z
?Initialize@SORTED_LIST@@QAEEE@Z
??0PATH@@QAE@XZ
?Strlwr@WSTRING@@QAEPAV1@KK@Z
?SetLoggingEnabled@MESSAGE@@QAEXE@Z
?Strcmp@WSTRING@@QBEJPBV1@KKKK@Z
?QueryTimeOut@COMM_DEVICE@@QBEEXZ
?LogMessage@MESSAGE@@QAEEPBVWSTRING@@@Z
?SetFileName@FSN_FILTER@@QAEEPBD@Z
?QuerySTR@BSTRING@@QBEPADKKPADKE@Z

advapi32

RegSetValueExW
MapGenericMask
OpenProcessToken
LookupPrivilegeNameW
GetSidIdentifierAuthority
CopySid
RegQueryValueExW
RegCreateKeyW

user32

GetDesktopWindow
GetCapture
DialogBoxIndirectParamW
OffsetRect
GetMenu
ExitWindowsEx
ModifyMenuW
CloseClipboard
GetWindowDC
SetWindowLongW

kernel32

CreatePipe
HeapValidate
ReplaceFileW
GetMailslotInfo
GetPrivateProfileStringA
FindFirstVolumeMountPointA
GetSystemTimeAdjustment
GetLogicalDrives
GetHandleInformation

ole32

OleCreateStaticFromData
CoResumeClassObjects
OleCreateFromData
CoTaskMemAlloc
CoGetObjectContext
CoTreatAsClass
OleGetClipboard
OleCreateFromDataEx

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cec586cd3cde40d8b8f7af62dd7d4d9a

Headers

File Characteristics

Imports

ulib

advapi32

user32

kernel32

ole32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB