8ab6dc73af0aecb4529ecbacd8ff579d_JaffaCakes118

General

Target

8ab6dc73af0aecb4529ecbacd8ff579d_JaffaCakes118
Size

859KB
MD5

8ab6dc73af0aecb4529ecbacd8ff579d
SHA1

162b0091e06105973c98b5a881ee551cebe13633
SHA256

47935505b18710f00312d3e8ce03b081fbfa5faa0327b29487180a351bcd5fd0
SHA512

0ca92853250c63eae983534a6b990712e159fa15efe06ca4d73d9ec2545f0b2a975961ce5d1a72d75dca38c2a438c23d24c2b5bad1be882f201d6a871abdc732
SSDEEP

12288:agWB2SKgipnXOSG4rQ38EJdVrd4V+jWlGYmJRcu5kSlidJAtVbi7EPZ6uTK1eyxi:VVX/rCTHd+wYSRzkSlCGqE4uTK1Lt6Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab6dc73af0aecb4529ecbacd8ff579d_JaffaCakes118

Files

8ab6dc73af0aecb4529ecbacd8ff579d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

774d5c50d913f459f8b851e6312a639b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
lstrcpyA
FreeLibrary
GetCurrentThread
GetShortPathNameA
CreateFileMappingA
GetCPInfo
DeleteCriticalSection
GlobalAlloc
SearchPathW
FileTimeToLocalFileTime
GetTempPathW
SetFileAttributesA
lstrcpyW
RaiseException
VirtualAlloc
GetSystemTimeAsFileTime
GetTempFileNameA
SetEvent
UnhandledExceptionFilter
LeaveCriticalSection
LoadLibraryA
InterlockedCompareExchange
GlobalHandle
InterlockedIncrement
CopyFileA
MultiByteToWideChar
lstrlenA
IsDBCSLeadByte
TlsFree
EnterCriticalSection
InitializeCriticalSection
LCMapStringA
CopyFileW
LoadLibraryExA
GetVersionExW
GetEnvironmentStringsW
CreateSemaphoreW

user32

MapWindowPoints
CharUpperA
ReleaseDC
GetWindowTextA
GetScrollInfo
GetMenuItemCount
SendDlgItemMessageA
UnregisterClassW
ShowWindow
GetPropA
FillRect
CopyRect
SetScrollPos
GetMessageW
IsDlgButtonChecked
GetWindow
PostMessageA
DrawIconEx
OpenClipboard
CheckMenuItem
IsWindowEnabled
RegisterClipboardFormatW
SetParent
GetDlgItem
EndDialog
PeekMessageA
SetDlgItemTextW
DrawFocusRect

advapi32

EqualSid
RegQueryInfoKeyW
RegCreateKeyW

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 666KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

774d5c50d913f459f8b851e6312a639b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 666KB - Virtual size: 666KB

.data Size: 2KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 666KB - Virtual size: 666KB

.data
Size: 2KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB