89f007ae278e08b54ccfc87d4e4be014_JaffaCakes118

General

Target

89f007ae278e08b54ccfc87d4e4be014_JaffaCakes118
Size

400KB
MD5

89f007ae278e08b54ccfc87d4e4be014
SHA1

679a42eab96d0e5b404e4699fe17933b57913b39
SHA256

15fc7b0594461d18fc9823c46b93d2fcad90e868513bec5b9994e70f6650a4b0
SHA512

0f93110bbd6a6b9bbaafc0131c22b4e1e2753012dd746da301767070181128dc9fe9af8fe2bc4f78b4ad1082beaa5fc803e179a6b21b8bf28d3845a6a2c47546
SSDEEP

6144:YN+8/b8b30bJNt45t+L+D+V/KyPFc2cZehSHNrk+K1moMDrKpENe7q:YrO0Lt45tlD+DPaPZltrymoMSpENcq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f007ae278e08b54ccfc87d4e4be014_JaffaCakes118

Files

89f007ae278e08b54ccfc87d4e4be014_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b5a9904dd1d00ec163bc74ba6a5434c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetColorSpace
CreateCompatibleDC
QueryFontAssocStatus
SelectPalette
PolyTextOutA

kernel32

GetCommandLineA
EnumSystemCodePagesA
Process32NextW
SetFileAttributesW
GetModuleHandleA
BackupWrite
QueryPerformanceCounter
GetStartupInfoA
GetCPInfoExW
GetThreadLocale
GetProfileIntA
VirtualProtect
LoadModule
GetConsoleCommandHistoryLengthW
GetProfileSectionA
CreateIoCompletionPort
EnumDateFormatsExA

user32

SetMenu
LoadImageA
VkKeyScanW
DdeAccessData
CharToOemBuffA
GetAltTabInfoA
GetDialogBaseUnits
InsertMenuItemW

msvcrt

_onexit
_except_handler3
wcscpy
_mbctype
_tempnam
_unlock
_mbsnbcnt
_wenviron
_wspawnl
_control87

advapi32

CryptEnumProvidersW
FileEncryptionStatusA
ChangeServiceConfig2W
ElfCloseEventLog
ControlService
RegQueryInfoKeyA
WmiMofEnumerateResourcesA
CryptDestroyHash
BuildImpersonateTrusteeW

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5a9904dd1d00ec163bc74ba6a5434c9

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 396KB - Virtual size: 396KB

.data Size: 2KB - Virtual size: 568KB

.rsrc Size: 1024B - Virtual size: 788B

.text
Size: 396KB - Virtual size: 396KB

.data
Size: 2KB - Virtual size: 568KB

.rsrc
Size: 1024B - Virtual size: 788B