a3778b36a798fd46097a6caffba490cb_JaffaCakes118

General

Target

a3778b36a798fd46097a6caffba490cb_JaffaCakes118
Size

164KB
MD5

a3778b36a798fd46097a6caffba490cb
SHA1

f83e29b44fdead5cb739700200b3880eb1848610
SHA256

66cbf5f2916b4e748a0e07d8cc5fdbcb423ce9839253e698d8c8995e07cab9a3
SHA512

638a77088f4831b4f6a514081902b871f0b7f60df787058c0ae8f894623147a8581aeb693a3d1c10bddad6a47e35c0d9b835f8600eba5aed8b1531758f481952
SSDEEP

3072:Ep4O0G9EPHBE6NhRFk+P77NNpyeB1xprfaRtpyZoaXz9mcWB0VTbVEp/gyaP:YCwEvBHNh3P77NF1FaRPy7DwUn6za

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3778b36a798fd46097a6caffba490cb_JaffaCakes118

Files

a3778b36a798fd46097a6caffba490cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

147c15d47bfdfe428ea1bf8048b83cc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegSetValueExW

user32

wsprintfW
PostThreadMessageW
SetTimer
DispatchMessageW
KillTimer
TranslateMessage
GetMessageW
GetDC
CharUpperW
CharNextW
GetWindowLongA
UnregisterClassA

shell32

SHGetFileInfoW

psapi

GetProcessMemoryInfo

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoTaskMemFree
CoRevokeClassObject
CoTaskMemRealloc
CoInitialize
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoUninitialize
CoRegisterClassObject
StringFromCLSID

gdi32

GetOutlineTextMetricsW
CreateFontIndirectW
DeleteObject
GetTextMetricsW
SelectObject
AddFontResourceExW

kernel32

FillConsoleOutputAttribute
lstrcpyA
OutputDebugStringW
CreateFileMappingW
GlobalFree
GetProcessWorkingSetSize
GetACP
lstrcpyW
GetTickCount
lstrlenW
EnumResourceNamesW
WideCharToMultiByte
GetLastError
FindClose
FreeEnvironmentStringsW
lstrcmpiW
MultiByteToWideChar
InitializeCriticalSection
GlobalAlloc
LockResource
GetCPInfo
GetModuleHandleW

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

147c15d47bfdfe428ea1bf8048b83cc0

Headers

File Characteristics

Imports

advapi32

user32

shell32

psapi

oleacc

ole32

gdi32

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 57KB - Virtual size: 57KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 57KB - Virtual size: 57KB

.isete
Size: 1024B - Virtual size: 244KB