5e664d94fe20c2be52a8580946a31fc4_JaffaCakes118

General

Target

5e664d94fe20c2be52a8580946a31fc4_JaffaCakes118
Size

42KB
MD5

5e664d94fe20c2be52a8580946a31fc4
SHA1

f49aaa487b07e6e337fbd8ebaf5bafb226b857d7
SHA256

63654b748a585757ed021c2dd8436f583134b0bc14c9b62859070bd5f66c2e4c
SHA512

75463d350b69474c23c5abde799438075389eb186d7f1118b19fb93690e9977ce8dfcdcbfc0d8b65e15c02b208d59a8d29e68e54ceebd74e645193744842ae87
SSDEEP

768:kmNad3XuWJr09XhvSGJcKU0He/Sl3KA1CgIbARdlY1+S0UTk/+Nj4f:kmN8XO980He/MKVrbwlSLTC+Nj4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e664d94fe20c2be52a8580946a31fc4_JaffaCakes118

Files

5e664d94fe20c2be52a8580946a31fc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

047ad62276916941a5185f34789a8ed0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
DebugBreak
ExitProcess
GetCurrentDirectoryW
GetExitCodeProcess
GetModuleHandleA
GetOverlappedResult
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetProcAddress
GetSystemDefaultLCID
GetWindowsDirectoryA
GlobalLock
IsBadHugeWritePtr
MoveFileW
OpenEventA
QueryPerformanceFrequency
ReadConsoleOutputW
SetCalendarInfoW
SetSystemPowerState
VirtualAlloc
lstrcmpiA

advapi32

AccessCheck
BackupEventLogA
ClearEventLogA
ControlService
CryptAcquireContextA
CryptSetKeyParam
CryptSetProviderW
DuplicateTokenEx
FreeSid
GetFileSecurityA
GetLengthSid
GetSidSubAuthority
IsTextUnicode
LockServiceDatabase
LookupAccountNameA
LookupAccountNameW
MakeAbsoluteSD
NotifyBootConfigStatus
ObjectDeleteAuditAlarmA
PrivilegedServiceAuditAlarmA
RegQueryValueExA
RegSaveKeyW
SetPrivateObjectSecurity

gdi32

CreateBrushIndirect
CreateCompatibleDC
CreateDiscardableBitmap
DeviceCapabilitiesExW
EnumFontFamiliesExW
GetCharABCWidthsFloatA
GetCharWidth32A
GetClipBox
GetEnhMetaFileW
GetICMProfileA
GetStretchBltMode
GetTextFaceW
LPtoDP
PlayEnhMetaFileRecord
PolyPolyline
PolyTextOutA
RoundRect
SetDIBColorTable
SetMagicColors
StartDocA
TranslateCharsetInfo

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

047ad62276916941a5185f34789a8ed0

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 41KB - Virtual size: 56KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 41KB - Virtual size: 56KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 12KB