78a6a86cdd7c4d9ec8e31bb5221889e0_JaffaCakes118

General

Target

78a6a86cdd7c4d9ec8e31bb5221889e0_JaffaCakes118
Size

158KB
MD5

78a6a86cdd7c4d9ec8e31bb5221889e0
SHA1

7df1bd4fc50b31f487af92cea1714cd65bc3e942
SHA256

57ab53dd10274da063547a74a835b02b7bd070bd97d012980d8e1391dae45bb8
SHA512

25b4bdfe0de809d65870baa2908b1f2818329f92ea99a5607ee4644b3eff92e50f41c01b6e03246cb3962957dcb8b649f1a0efd226ca6696340726fc9b70ec7d
SSDEEP

3072:PhqAN7hXC3//OI2RcxfIFo9+SpBtrkOiePDi:pc/52RQfI+vpXkCLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78a6a86cdd7c4d9ec8e31bb5221889e0_JaffaCakes118

Files

78a6a86cdd7c4d9ec8e31bb5221889e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32304c14f21970600129d1a9e6043df0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuState
EnableWindow
DrawTextA
GetIconInfo
CharToOemA
EnumThreadWindows
GetCapture
GetCursor
BeginDeferWindowPos
DefFrameProcA
IsDialogMessageA
GetScrollInfo
GetMenuItemInfoA
CreateIcon
DispatchMessageW
GetParent

advapi32

RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA

ole32

CoGetMalloc
MkParseDisplayName
CoCreateFreeThreadedMarshaler
StringFromIID
StgCreateDocfileOnILockBytes
CoDisconnectObject
CoGetContextToken

shlwapi

SHGetValueA
SHStrDupA
SHEnumValueA
SHSetValueA
SHDeleteKeyA
SHQueryInfoKeyA

kernel32

GetCurrentThreadId
CreateFileA
WriteFile
ExitThread
FreeLibrary
GetCurrentThread
GetFileAttributesA
GetCurrentProcess
GetCommandLineA
GetOEMCP
lstrlenA
MoveFileExA
GetDateFormatA
LoadLibraryExA
VirtualAllocEx
GetLocaleInfoA

msvcrt

mbstowcs
sprintf
calloc
wcschr
clock
exit
memcpy
_acmdln
wcscspn
wcsncmp

Sections

.tls
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

32304c14f21970600129d1a9e6043df0

Headers

File Characteristics

Imports

user32

advapi32

ole32

shlwapi

kernel32

msvcrt

Sections

.tls Size: 19KB - Virtual size: 19KB

.rdata Size: 134KB - Virtual size: 213KB

.bss Size: 3KB - Virtual size: 3KB

DATA Size: 512B - Virtual size: 141B

.tls
Size: 19KB - Virtual size: 19KB

.rdata
Size: 134KB - Virtual size: 213KB

.bss
Size: 3KB - Virtual size: 3KB

DATA
Size: 512B - Virtual size: 141B