a32cd8d71ec561cca7658416a7b93929_JaffaCakes118

General

Target

a32cd8d71ec561cca7658416a7b93929_JaffaCakes118
Size

627KB
MD5

a32cd8d71ec561cca7658416a7b93929
SHA1

bc9f07aa1c8ca43a4820f0c9705b2490aee43e60
SHA256

c149cfb64b61e437fda8e3d48d433878a1c72031b88679d66f431401b90ee412
SHA512

dda7d89f9342983643542b23657d0811a8da2b7132d8e95ac0c0886a394d8fc699d0e0280e5578a02de02fed0bd82467ebe02a89af50deb21eda8672a6eed08d
SSDEEP

12288:juop2EAmdc7FXfm18FDJXZi7aIdR2f3OiAn6tekvluhr28y3GUS:juop2EAm4F+184aykvRC70I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a32cd8d71ec561cca7658416a7b93929_JaffaCakes118

Files

a32cd8d71ec561cca7658416a7b93929_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89f727340a5ab3c21c08ef395d5f2c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetLastError
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
GetProcessHeap
HeapFree
HeapAlloc
GetStdHandle
Sleep
LoadLibraryW
GetCurrentThread
GetVersion
WaitForSingleObject
GetStartupInfoA

user32

EmptyClipboard
OpenClipboard
CloseClipboard
ExitWindowsEx
DrawMenuBar
RemoveMenu
CheckMenuRadioItem
CreateMenu
SetMenuItemBitmaps
RegisterWindowMessageA
DispatchMessageW
TranslateMessage
PostQuitMessage
LoadBitmapA
GetKeyState
SetUserObjectSecurity
GetUserObjectSecurity
GetWindow
SendMessageTimeoutA
GetDlgCtrlID
SetClipboardData
EnumWindows
CheckRadioButton

advapi32

ControlService
LookupPrivilegeValueW
AdjustTokenPrivileges
SetServiceStatus
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CloseServiceHandle

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
div
abs
feof

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89f727340a5ab3c21c08ef395d5f2c5b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 35KB - Virtual size: 45KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 35KB - Virtual size: 45KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB