61bf5b32dabcdcd5fabc9ab6eaa1c5ba_JaffaCakes118

General

Target

61bf5b32dabcdcd5fabc9ab6eaa1c5ba_JaffaCakes118
Size

226KB
MD5

61bf5b32dabcdcd5fabc9ab6eaa1c5ba
SHA1

65fb934069d8df2b4661664ffd3d3ebefe45f68e
SHA256

377a7c9f42fb612f92846395b7a988ae74fc6a936898bfda0ce573c1944bbb44
SHA512

ba8a48c140cceb37cb64a3892c84c956cb348032787f0d0e7d4c555f8e68614e9a9ff82372c1719f3d8d9ba50ad8e5e9063b95669dcc29cc4a752adeb9809be4
SSDEEP

6144:sYqrdxZPbFy96Q64QAZA4dI/nPksX3aGOo7CvzlmlXJ:sYgZPo9PrpNpsX3soAglXJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61bf5b32dabcdcd5fabc9ab6eaa1c5ba_JaffaCakes118

Files

61bf5b32dabcdcd5fabc9ab6eaa1c5ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93f0d4a2d786c99a46a37e48da2f57fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CancelDeviceWakeupRequest
CloseProfileUserMapping
CreateDirectoryExA
DebugBreak
ExitProcess
GetDriveTypeA
GetEnvironmentStringsW
GetLogicalDriveStringsW
GetProcAddress
GetSystemTimeAdjustment
GetThreadPriorityBoost
IsBadHugeWritePtr
IsProcessorFeaturePresent
LoadResource
LocalCompact
LocalFree
PrepareTape
RtlFillMemory
SetCommState
SignalObjectAndWait
UTUnRegister
WriteConsoleInputW
WriteConsoleOutputCharacterW
_hread
lstrcpynW

advapi32

AdjustTokenPrivileges
CancelOverlappedAccess
CreateServiceW
CryptVerifySignatureW
DeleteAce
GetNamedSecurityInfoA
GetServiceKeyNameA
GetSidIdentifierAuthority
LookupSecurityDescriptorPartsW
OpenBackupEventLogW
OpenEventLogA
OpenSCManagerA
QueryServiceStatus
RegCreateKeyA
RegEnumKeyA
RegFlushKey
RegRestoreKeyW
RegisterEventSourceA
SetEntriesInAccessListA
SetTokenInformation

gdi32

CopyEnhMetaFileW
CreateCompatibleDC
CreateDCW
CreateDIBPatternBrush
EnumFontFamiliesExA
EnumFontFamiliesExW
ExtCreateRegion
ExtFloodFill
FloodFill
GetBitmapDimensionEx
GetCharacterPlacementA
GetEnhMetaFileDescriptionW
GetLayout
GetRandomRgn
OffsetClipRgn
PolyPolygon
PolyTextOutA
Polygon
PtInRegion
ResizePalette
ScaleViewportExtEx
SelectPalette
SetBoundsRect
SetWorldTransform
SwapBuffers

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 224KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93f0d4a2d786c99a46a37e48da2f57fe

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 224KB - Virtual size: 240KB

.idata Size: - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 196KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 224KB - Virtual size: 240KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 196KB