773e11d93d3af26e13cde96c3c65ae81_JaffaCakes118

General

Target

773e11d93d3af26e13cde96c3c65ae81_JaffaCakes118
Size

460KB
MD5

773e11d93d3af26e13cde96c3c65ae81
SHA1

3458a61add22fc65b896b1436c4151f47397e399
SHA256

0981d613b2cc0dfe7f3aae54450003fd1f749875ef5ed035e1e515f2985a95c3
SHA512

e0185a52a221b00286c092fbf3db49b78aa01a7d6f15e14797264524665cc0a2c79d7111b87335b3d5bdd18b2e40f3be5e629519026aa2a83d5cb2df4512d042
SSDEEP

12288:ocYhObj8ZpmvK3FK2lwaQNExGNbBBxMe+Q:ocvj8LmK30HExGBxr/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
773e11d93d3af26e13cde96c3c65ae81_JaffaCakes118

Files

773e11d93d3af26e13cde96c3c65ae81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

883a6d0ec83ba701faeff5a88b1cb417

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW
LoadStringA
GetSystemMetrics
MessageBoxA

advapi32

MakeSelfRelativeSD
IsValidSecurityDescriptor
GetSecurityDescriptorLength
GetSecurityDescriptorControl

rpcrt4

RpcBindingFree
NdrClientCall2
RpcBindingFromStringBindingW
I_RpcExceptionFilter
RpcStringBindingComposeW
RpcStringFreeW

msvcrt

wcslen
_except_handler3
strcspn
free
_vsnprintf
malloc
_mbschr
strchr
_initterm
wcschr
_adjust_fdiv
wcscspn

ntdll

NtLoadKey
NtAllocateVirtualMemory

kernel32

MultiByteToWideChar
TerminateProcess
WideCharToMultiByte
LocalAlloc
QueryPerformanceCounter
Beep
GetCurrentThreadId
ExitProcess
GetTickCount
UnhandledExceptionFilter
GetCurrentProcess
LocalFree
GetCurrentProcessId

ws2_32

WSAGetLastError

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 208KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

883a6d0ec83ba701faeff5a88b1cb417

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

rpcrt4

msvcrt

ntdll

kernel32

ws2_32

Sections

.text Size: 11KB - Virtual size: 11KB

.rsrc Size: 13KB - Virtual size: 13KB

.rdata Size: 226KB - Virtual size: 225KB

.data Size: 208KB - Virtual size: 936KB

.text
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 13KB - Virtual size: 13KB

.rdata
Size: 226KB - Virtual size: 225KB

.data
Size: 208KB - Virtual size: 936KB