Static task: static1
Behavioral task: behavioral1
Sample: 057bda2de9e9844b218ec51b81b1f687_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 057bda2de9e9844b218ec51b81b1f687_JaffaCakes118.exe
Resource: win10v2004-20240729-en
General
Target: 057bda2de9e9844b218ec51b81b1f687_JaffaCakes118
Size: 176KB
MD5: 057bda2de9e9844b218ec51b81b1f687
SHA1: 3ff3a2f6ce546f2d4305703791265b24bfe07974
SHA256: b284d7a75242d6b6e437ebbbf76e1906607845d7a16c5e738dd416b30807f639
SHA512: b730952050a89e2c20ba46c4b3ebcc8305daa0a4425141859049908119cb66613321bd0f2f1ccd8ecfc0bd5e97f51011115c380fbc05886f5476abf8e362c9c8
SSDEEP: 3072:1YW+Yqm39q//+12t1oMamJ7fKgyx4nuMY/hAAwZR+0FBNPlvTcgZXNNNN:1YW+JmNq/G12nfUVxyuF3wZ80FBNtvTL
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 057bda2de9e9844b218ec51b81b1f687_JaffaCakes118
Files
057bda2de9e9844b218ec51b81b1f687_JaffaCakes118.exe windows:4 windows x86 arch:x86
b4b307a65fddb88958c1bc2c50431ded
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
VirtualAlloc
GetStartupInfoA
user32
PostMessageW
GetMenuStringW
SetCapture
AllowSetForegroundWindow
DestroyIcon
DefWindowProcW
LoadIconA
RegisterClassW
SetActiveWindow
GetMenu
TrackPopupMenu
DestroyMenu
SetWindowLongW
ShowWindowAsync
OffsetRect
ReleaseCapture
AdjustWindowRectEx
DrawFocusRect
MessageBeep
MoveWindow
GetKeyState
DestroyWindow
CreateWindowExA
SetMenuItemInfoA
GetMenuItemCount
ClientToScreen
GetActiveWindow
CheckMenuItem
CreateWindowExW
SetWindowTextW
SendMessageW
ReleaseDC
GetSubMenu
InflateRect
GetCursorPos
GetClientRect
LoadStringW
UnregisterClassA
SetWindowPos
PtInRect
ole32
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
advapi32
GetSecurityDescriptorDacl
RegCreateKeyW
LookupAccountSidA
CheckTokenMembership
GetSidIdentifierAuthority
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
AllocateAndInitializeSid
RegCloseKey
OpenThreadToken
IsValidSid
QueryServiceStatus
RegDeleteKeyA
SetSecurityDescriptorDacl
GetTokenInformation
shell32
SHBindToParent
msvcrt
__set_app_type
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__p__fmode
_controlfp
__dllonexit
_onexit
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ