870628af1535fc8cd76798a678fd29c1_JaffaCakes118

General

Target

870628af1535fc8cd76798a678fd29c1_JaffaCakes118
Size

54KB
MD5

870628af1535fc8cd76798a678fd29c1
SHA1

3927327ec212eab312bc8f4c0a328c5a6b6c99e0
SHA256

1cb1bba032dbadbb7ac69520ca7c3d12cc6670a34408f47d1a9ae3d44e7e9d3f
SHA512

1f82cbd79f33aeb970e392784830c49a6f7d772af6738a64aa58be80286fd0aeecaad96a587bd17da49de00aee924cd02bf55e89cc15ceadd0d5433066bb9ddd
SSDEEP

768:6tpx8qylfPWkZYRq/l/oJxiLTFvJWTCoiUpcKDCBCzSi73SiF1VCW9b+A9YWZg:kQ5JPWkZx9GyzvUGHBCGiDPwqbZuWZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
870628af1535fc8cd76798a678fd29c1_JaffaCakes118

Files

870628af1535fc8cd76798a678fd29c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93a060c497e86a138895b0939f655839

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadMenuA
GetDlgCtrlID
CreateIconIndirect

kernel32

TerminateProcess
lstrlenW
lstrcatA
CloseHandle
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindClose
FreeEnvironmentStringsW
GetCommandLineA
GetCurrentThread
GetFileTime
GetModuleHandleA
GetProcessWorkingSetSize
GetStartupInfoA
GetSystemInfo
GetVersionExA
GlobalAlloc
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
IsValidCodePage
MultiByteToWideChar
RtlUnwind
SetLastError
UnmapViewOfFile
TlsSetValue

setupapi

SetupGetStringFieldA
SetupEnumInfSectionsW
SetupDiGetClassDevsA

olepro32

OleIconToCursor

oleacc

GetStateTextA
WindowFromAccessibleObject
CreateStdAccessibleProxyW
GetRoleTextW
AccessibleObjectFromPoint
CreateStdAccessibleProxyA

advapi32

GetMultipleTrusteeW
GetFileSecurityA
MakeAbsoluteSD2
RegDisablePredefinedCache

security

QueryCredentialsAttributesW
QueryContextAttributesW
EnumerateSecurityPackagesW
DeleteSecurityPackageW

Sections

.text
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93a060c497e86a138895b0939f655839

Headers

File Characteristics

Imports

user32

kernel32

setupapi

olepro32

oleacc

advapi32

security

Sections

.text Size: 41KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 41KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB