Static task
static1
Behavioral task
behavioral1
Sample
7859b0b7446b78558efa47b214f2475b_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
7859b0b7446b78558efa47b214f2475b_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
7859b0b7446b78558efa47b214f2475b_JaffaCakes118
Size
164KB
MD5
7859b0b7446b78558efa47b214f2475b
SHA1
4d8c589ec5a64c0ec212a1ee97cd4b4a030e388f
SHA256
5b39ddbf33dcbaa8bf4060a0b7092725cd65d6f4108326e18e76ba73a0de1e01
SHA512
e686138f111af3998f86bcc7c362b0ce51d58ae3af74af1f809866804e29e6129d982b9d7cff7d1f216fb260b74e93b2c249c19d46f45671ad41b6282ff1616c
SSDEEP
3072:2FF5vXV2vFDyrXd7tlas97SqELDW4oBzx0AaRBMXrGd402NYjAq3Zy1DrJHEYz:jtDbfkFreC818dJHEg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7859b0b7446b78558efa47b214f2475b_JaffaCakes118
Files
7859b0b7446b78558efa47b214f2475b_JaffaCakes118.exe windows:4 windows x86 arch:x86
beb90927b0fc0271de4d3847b156709a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetStartupInfoA
GetUserDefaultLangID
GetEnvironmentVariableA
TerminateProcess
CompareStringA
CreateProcessA
VirtualProtect
DeviceIoControl
GetModuleHandleA
user32
DrawMenuBar
CallNextHookEx
SetActiveWindow
SystemParametersInfoA
PeekMessageA
SetWindowsHookExA
GetSysColor
GetDCEx
PostMessageA
GetPropA
SetCapture
TrackPopupMenu
msvcrt
log10
_pctype
_errno
isspace
__setusermatherr
__set_app_type
memcpy
_mbscmp
_initterm
__getmainargs
_XcptFilter
__p__commode
_assert
exit
strtok
_acmdln
_except_handler3
_adjust_fdiv
__p__fmode
_wcsupr
shell32
ShellExecuteExA
DoEnvironmentSubstW
FindExecutableW
ExtractIconExW
ExtractAssociatedIconW
SHBrowseForFolder
SHGetSpecialFolderLocation
ShellExecuteExW
oleaut32
SysStringLen
SafeArrayRedim
SafeArrayGetElement
SetErrorInfo
SysReAllocStringLen
SafeArrayPutElement
ole32
CoTaskMemFree
CreateILockBytesOnHGlobal
CoGetClassObject
RegisterDragDrop
ReleaseStgMedium
DoDragDrop
advapi32
RegEnumValueA
IsValidSid
ControlService
RegSetValueExW
SetSecurityDescriptorOwner
RegQueryInfoKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
DeleteService
RegQueryValueExW
InitializeAcl
RegCreateKeyExA
comctl32
ImageList_DragEnter
ImageList_SetBkColor
CreateToolbarEx
ImageList_GetIcon
ImageList_Read
ImageList_Replace
PropertySheetA
ImageList_Remove
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE