6a2f6d48caff6a8ecf729aafe695be6f_JaffaCakes118

General

Target

6a2f6d48caff6a8ecf729aafe695be6f_JaffaCakes118
Size

54KB
MD5

6a2f6d48caff6a8ecf729aafe695be6f
SHA1

3e3b1d8372a3eb89a9ff1d78d146bd25d5922944
SHA256

182e0124e55a54fa7565fcafa18c9cf0a75789e1e65d2fe6caff38150b5ed2a1
SHA512

78c0c9da40f16eae9e513400c83ce10bf6697ad8280dfd329978a41bc5c1c3274f02db21f04a2900fda343ae972fe544226a1d695749fef7c4e135c4517f407b
SSDEEP

1536:dE/ahVFD4FpkePh9n7tKmQ+dfpVmqTH9EP:umVFcfLh5PLmqTH9I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a2f6d48caff6a8ecf729aafe695be6f_JaffaCakes118

Files

6a2f6d48caff6a8ecf729aafe695be6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

344711cedb4c4cf2bb5ce847e4b742b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
SetMenuItemInfoA
PtInRect
LoadImageA
InsertMenuA
GetMenuItemCount
GetKeyState
GetClassLongA
FindWindowA
ClientToScreen

kernel32

SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
SetLastError
RtlUnwind
ReadProcessMemory
MultiByteToWideChar
HeapReAlloc
HeapCreate
HeapAlloc
CloseHandle
ExitProcess
FileTimeToLocalFileTime
FreeEnvironmentStringsW
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
GetPriorityClass
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetTickCount
GetVersionExA
GlobalUnlock

security

QueryContextAttributesW
AddSecurityPackageW

olepro32

OleIconToCursor
OleCreatePictureIndirect

oleacc

AccessibleObjectFromWindow
AccessibleChildren
LresultFromObject

advapi32

OpenTraceW
RegEnumKeyA
RegEnumKeyExA
RegSaveKeyA
IsWellKnownSid
GetOldestEventLogRecord
GetCurrentHwProfileW
CryptSignHashA
BackupEventLogA
OpenBackupEventLogW

setupapi

SetupDiGetDriverInstallParamsW
SetupDiDeleteDevRegKey
SetupDiCreateDevRegKeyA
SetupDiGetHwProfileFriendlyNameExA
SetupPromptForDiskA

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

344711cedb4c4cf2bb5ce847e4b742b3

Headers

File Characteristics

Imports

user32

kernel32

security

olepro32

oleacc

advapi32

setupapi

Sections

.text Size: 42KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB