7464ec8eac2f0a38e59816d2adcf6db2_JaffaCakes118

General

Target

7464ec8eac2f0a38e59816d2adcf6db2_JaffaCakes118
Size

120KB
MD5

7464ec8eac2f0a38e59816d2adcf6db2
SHA1

de97cf557d05f9d8dbde391536818b0765ad5384
SHA256

47af304118b5f102269d3ac7bbcf120e2b094307390dc04e1b4072f5ffd53511
SHA512

b19e6aa923a613e1ef2a1f0882d8bf0186fedcf8037b9ad4ea1ec89a79696925445ff4dc14bb52576541a099fe93dce2b7793edc252763c532bd3ddbf97a371a
SSDEEP

3072:pY1bdgg7EnqHj7maGJqCN4acQJnheS8InNwE7nz4qViQ5/Tx+ose:pY1bREnqeaY4acQ1uINwErz/ViQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7464ec8eac2f0a38e59816d2adcf6db2_JaffaCakes118

Files

7464ec8eac2f0a38e59816d2adcf6db2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f66a6ea898caea88c11fedbb51600a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

kernel32

GetProcAddress
WriteFile
MultiByteToWideChar
CreateFileA
lstrcatA
lstrcpyA
GetSystemDefaultLangID
GetUserDefaultLangID
CreateProcessA
CreateThread
ExitThread
DisconnectNamedPipe
WaitForSingleObject
ReadFile
CreateEventA
ConnectNamedPipe
GetLastError
CreateNamedPipeA
LocalFree
LocalAlloc
ExitProcess
GetVersion
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapAlloc
HeapFree
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
LoadLibraryA
TerminateProcess
VirtualAlloc
CloseHandle
GetCurrentProcess
UnhandledExceptionFilter
GetOEMCP
GetACP
SetHandleCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetModuleFileNameA
GetEnvironmentStringsW
GetEnvironmentStrings
GetCPInfo

user32

DefWindowProcA
ShowWindow
PostQuitMessage
BeginPaint
EndPaint
UpdateWindow
FindWindowA
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
wsprintfA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
MessageBoxA
CreateWindowExA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f66a6ea898caea88c11fedbb51600a1

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 9KB - Virtual size: 10KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 9KB - Virtual size: 10KB

.rsrc
Size: 79KB - Virtual size: 80KB