73625453a631b53374e2c6f397a35811_JaffaCakes118

General

Target

73625453a631b53374e2c6f397a35811_JaffaCakes118
Size

23KB
MD5

73625453a631b53374e2c6f397a35811
SHA1

1899cd935848efd45ba645c5fede7581ef8a89d0
SHA256

07c5de6e352d1dd2de87df9cb47b9c369aafacab11d1b8dbb2aced8d3393cde0
SHA512

e1ad2507cecdbd17c15bd37029bc72e612447908978bdc5c49a451f28ff0c6a0434b361fb4be822d2e9292dfc47f2e4a8dbcc20b8d674ed0e8ae52ba1b9c1a5f
SSDEEP

384:GeDV5BGOZRVnu1PFvZysm/2XpVgEaNHKpPoDjNo3TTPTTPTTfrDxLuhi:T5ggvu1PFvNzWK+pobWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73625453a631b53374e2c6f397a35811_JaffaCakes118

Files

73625453a631b53374e2c6f397a35811_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0d02b780e5fdf9e3a3c5afa7b1993c70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
IsBadStringPtrA
GetConsoleTitleW
GetCalendarInfoA
GetStartupInfoA
ExitVDM
DeleteVolumeMountPointA
LocalFree
QueryWin31IniFilesMappedToRegistry
WriteConsoleOutputCharacterA
CreateTimerQueue
GetModuleHandleA
_lwrite
GetConsoleCharType
MoveFileWithProgressA

msvcrt

_wexecv
_sopen
__mb_cur_max
_wexecv
_fputchar
towupper
_wsetlocale
_mbstok
_cputs
log

user32

GetProcessDefaultLayout
SendIMEMessageExA
GetMenuItemInfoW
GetProgmanWindow
CharToOemBuffW
RegisterShellHookWindow
User32InitializeImmEntryTable
DdeAddData

gdi32

CreateFontIndirectW
BRUSHOBJ_pvAllocRbrush
GetEnhMetaFileBits
EngMultiByteToUnicodeN
GetWindowExtEx

advapi32

QueryServiceStatus
EnumServicesStatusExA
LsaOpenPolicy
WmiExecuteMethodA
ElfFlushEventLog
GetOldestEventLogRecord
ElfOpenBackupEventLogA
ObjectOpenAuditAlarmA
CryptGenRandom

ole32

HMETAFILE_UserSize
StgOpenPropStg
WriteFmtUserTypeStg
HWND_UserUnmarshal
HBITMAP_UserFree
CoGetInterfaceAndReleaseStream

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d02b780e5fdf9e3a3c5afa7b1993c70

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

ole32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 5KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 5KB