66f334bb8873b55cdedc665d8e25edb0_JaffaCakes118

General

Target

66f334bb8873b55cdedc665d8e25edb0_JaffaCakes118
Size

44KB
MD5

66f334bb8873b55cdedc665d8e25edb0
SHA1

a3d374e9f2e665a8de662c61964d6a0dc21b98ba
SHA256

47defa2191d56d2a6010c520fd9c8afa33a464adef59f8de3292b4ef1b10f107
SHA512

640dae2825a4b65fb3c592725e8efd6803e0b231661a2c229004b3851c4ff6b069bd06b43d7c6972eb821cee5a334d07773a4509a87f460759e46b2e15c21b05
SSDEEP

768:GTpYhdXAoVdMdz4WpfwdWCD/O1VFNScVmPLso3YWYGfts0APRfZclmVC5eZF4:S89i0S0WkO1rcPoo3YZElCC5EW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66f334bb8873b55cdedc665d8e25edb0_JaffaCakes118

Files

66f334bb8873b55cdedc665d8e25edb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a9da1858f9337bf6b6102c72841ef82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FileTimeToDosDateTime
FindNextFileA
GetCompressedFileSizeW
GetLargestConsoleWindowSize
GetQueuedCompletionStatus
GetTempFileNameA
GetThreadTimes
GetUserDefaultLangID
GetVolumeInformationW
GlobalUnWire
HeapWalk
InterlockedDecrement
IsSystemResumeAutomatic
ReadConsoleOutputAttribute
ReadDirectoryChangesW
ReadFileScatter
RtlUnwind
RtlZeroMemory
SetConsoleTextAttribute
SetCriticalSectionSpinCount
SetFileApisToOEM
SetLastError
SetProcessPriorityBoost
UpdateResourceA
WaitNamedPipeA
WriteFileGather
lstrcat
lstrlen

advapi32

BuildTrusteeWithNameW
ClearEventLogW
CopySid
CryptAcquireContextA
CryptCreateHash
CryptEnumProvidersA
CryptGenKey
CryptGetUserKey
DeleteAce
EqualPrefixSid
GetExplicitEntriesFromAclA
GetTrusteeTypeA
ImpersonateLoggedOnUser
LookupPrivilegeValueA
OpenBackupEventLogA
OpenEventLogA
RegCloseKey
RegCreateKeyA
RegEnumKeyW
RegQueryValueExA
SetNamedSecurityInfoA
SetServiceObjectSecurity

user32

AnyPopup
CallWindowProcW
CharNextExA
CharPrevW
CreateDialogParamA
CreateMDIWindowA
DdeQueryConvInfo
DefFrameProcW
DefWindowProcW
EnumDesktopWindows
GetDlgCtrlID
GetMenuItemInfoA
GetMenuItemRect
GetSubMenu
GetSystemMenu
GetWindowTextLengthA
IsWindowEnabled
PostThreadMessageA
SetInternalWindowPos
UserClientDllInitialize
ValidateRect

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a9da1858f9337bf6b6102c72841ef82

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 43KB - Virtual size: 64KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 43KB - Virtual size: 64KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 12KB