Static task: static1
Behavioral task: behavioral1
Sample: 70f4e38073bcbdee6b6f83c562c5dc69_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 70f4e38073bcbdee6b6f83c562c5dc69_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 70f4e38073bcbdee6b6f83c562c5dc69_JaffaCakes118
Size: 367KB
MD5: 70f4e38073bcbdee6b6f83c562c5dc69
SHA1: 12d28bb3e82350e321e24eeb37cdd31dedf634cc
SHA256: fa0060b1bffeb6b56548599fc8c501e4a0728084bce6d91db091780c4d13f6ee
SHA512: e3cc6fdb81496d586cc524ce928be67938cc6df42786440c4d1a0fd6ddbe175b55c6bba6c432cbb9f29e2328a13271ba88557599f150f4d5585a2ba643a629b8
SSDEEP: 6144:ScvEFoZEciHbuCPKk/lt2wTaUtZqhELR3EEYMiZGSywncBF9aljsPCK39kJt6Ci:ScvEqviTCIL26a2Zqa1hbSywnwF9agCM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70f4e38073bcbdee6b6f83c562c5dc69_JaffaCakes118
Files
70f4e38073bcbdee6b6f83c562c5dc69_JaffaCakes118.exe windows:4 windows x86 arch:x86
f330fd9fe629d22fbe413853e3e25610
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnumDateFormatsW
GetDriveTypeA
_llseek
CreatePipe
SetUnhandledExceptionFilter
VirtualQueryEx
DeviceIoControl
EnterCriticalSection
WritePrivateProfileStringA
FindResourceExA
MulDiv
lstrcmpiW
GetProcessVersion
SetTapeParameters
QueryPerformanceCounter
FreeConsole
FreeEnvironmentStringsA
TerminateProcess
LoadLibraryExW
FindFirstChangeNotificationW
RaiseException
GetCurrentProcess
MultiByteToWideChar
_lopen
GlobalMemoryStatus
EnumResourceTypesA
lstrcmpiA
GetNumberFormatA
LocalUnlock
FindClose
WriteConsoleW
ClearCommError
WritePrivateProfileSectionA
SystemTimeToTzSpecificLocalTime
GetEnvironmentStrings
SetMailslotInfo
CreateEventW
ReleaseMutex
GetCommTimeouts
lstrcpyA
ReadFileScatter
IsValidLocale
GetConsoleScreenBufferInfo
user32
LoadBitmapW
CharToOemBuffA
VkKeyScanA
GetDlgItemInt
GetPropW
GetWindowTextLengthA
ShowWindow
EnumWindowStationsA
CharToOemW
PostThreadMessageA
PeekMessageW
GetKeyState
SetRectEmpty
DrawEdge
advapi32
RegNotifyChangeKeyValue
IsValidAcl
CreatePrivateObjectSecurity
CryptReleaseContext
AddAccessAllowedAce
RegDeleteValueA
GetLengthSid
SetSecurityDescriptorDacl
RegQueryValueExA
OpenSCManagerA
QueryServiceConfigW
CryptGenKey
Sections
.text Size: 36KB - Virtual size: 353KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 304KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ