87de783ce9c5eb6d4f04a9bbc48e8beb_JaffaCakes118

General

Target

87de783ce9c5eb6d4f04a9bbc48e8beb_JaffaCakes118
Size

340KB
MD5

87de783ce9c5eb6d4f04a9bbc48e8beb
SHA1

2922456aec89b8016bea1ef234820b5a85a355b1
SHA256

29185a4b762ac1f95a4e7610c725a9e8b5508012c213975d1d885aaaf5dbe7cc
SHA512

57e961abc282bda2f2593cf911fce0306dde177b19ade9f2369c33c6f3f954eac9909e9938766f680a3add4d4d4339d2646c54a81ef39316a7fd53e492848634
SSDEEP

3072:LrmxMON3+D/PlyY+xkxWA+h069ZP7wJlEnKaZ:3m6Xcx8bo8rW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87de783ce9c5eb6d4f04a9bbc48e8beb_JaffaCakes118

Files

87de783ce9c5eb6d4f04a9bbc48e8beb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bd0bb669346bd0a271c9d07bbb26ef9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
SetThreadAffinityMask
FindFirstFileW
SearchPathW
GetVersionExW
GetStartupInfoA
PeekConsoleInputW
GetProfileIntA
GetUserDefaultLCID
FileTimeToSystemTime
SetConsoleScreenBufferSize
GlobalAlloc
CompareFileTime
GlobalCompact
_lwrite
PostQueuedCompletionStatus
GetOverlappedResult
FillConsoleOutputAttribute
WritePrivateProfileStringW
QueueUserAPC
LeaveCriticalSection

shell32

SHBrowseForFolderA
ShellAboutA

gdi32

DPtoLP
GetGlyphOutlineW
ExtFloodFill
CreateRoundRectRgn
CloseFigure
CreateSolidBrush
ScaleViewportExtEx
GetRgnBox

comdlg32

GetFileTitleW
FindTextW

user32

UnloadKeyboardLayout
SetClipboardData
CheckMenuItem
MapVirtualKeyW
GetSystemMetrics
CreatePopupMenu
SetMenuItemInfoA
ScrollDC
OemToCharBuffW
DrawCaption
GetMessageA
OemToCharBuffA

advapi32

ChangeServiceConfigA
AllocateAndInitializeSid
OpenProcessToken
RegLoadKeyW
RegQueryValueA
SetNamedSecurityInfoA
LookupAccountNameA
GetSecurityInfo
CryptSetHashParam
CryptDestroyHash
RegSaveKeyA
QueryServiceObjectSecurity
RegEnumKeyExW
GetSidLengthRequired
GetSecurityDescriptorLength
BuildTrusteeWithNameW
RevertToSelf
CryptAcquireContextA
RegOpenKeyExA
CreatePrivateObjectSecurity
CryptGenKey

Sections

.text
Size: 36KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bd0bb669346bd0a271c9d07bbb26ef9

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

comdlg32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 348KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 282KB - Virtual size: 282KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 36KB - Virtual size: 348KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 282KB - Virtual size: 282KB

.rsrc
Size: 16KB - Virtual size: 16KB