aae931c4bd1f63a1d044a5c7783656f6_JaffaCakes118

General

Target

aae931c4bd1f63a1d044a5c7783656f6_JaffaCakes118
Size

162KB
MD5

aae931c4bd1f63a1d044a5c7783656f6
SHA1

ecfa79957552a703cd2aeefd098b81b094db85d3
SHA256

7ca88541ad807e446a5bf9a8f66f0e967f8bdc8d5cd4bda4043e90c4a83ea8e8
SHA512

0b2e828ee10dd9d9eb091a4c7ac65f3f376e6c755dae8eeaf120f8a077f3e567042b6ce8502188ee4a3bd31a6d8d0cec9a2f85d8f46b837b266d5e5267d3933d
SSDEEP

3072:5yM0E+5k7fPFkbKVmD33OhtDP4s+HeSd3aIASpgQLLphhAlImONO5pm7tRdMiSf/:o/5UUxD3ehTijquzXhAOmOYADW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aae931c4bd1f63a1d044a5c7783656f6_JaffaCakes118

Files

aae931c4bd1f63a1d044a5c7783656f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

633cf4f4986bbea14620ed758e4e739e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

kernel32

WideCharToMultiByte
CreateFileMappingW
FillConsoleOutputAttribute
GlobalAlloc
MultiByteToWideChar
InitializeCriticalSection
GetProcessPriorityBoost
lstrcmpiW
lstrcpyW
GetCPInfo
GetACP
lstrcpyA
EnumResourceNamesW
GetTickCount
OutputDebugStringW
FreeEnvironmentStringsW
lstrlenW
LockResource
FindClose
GetLastError
GlobalFree
GetModuleHandleW

gdi32

GetTextMetricsW
SelectObject
GetOutlineTextMetricsW
DeleteObject
CreateFontIndirectW
AddFontResourceExW

shell32

SHGetFileInfoW

advapi32

RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW

user32

GetDC
SetTimer
CharUpperW
PostThreadMessageW
TranslateMessage
GetWindowLongA
GetMessageW
DispatchMessageW
KillTimer
wsprintfW
CharNextW
UnregisterClassA

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemRealloc
CoRegisterClassObject
StringFromGUID2
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

633cf4f4986bbea14620ed758e4e739e

Headers

File Characteristics

Imports

psapi

kernel32

gdi32

shell32

advapi32

user32

ole32

oleacc

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 59KB - Virtual size: 58KB

.isete Size: 1024B - Virtual size: 248KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 59KB - Virtual size: 58KB

.isete
Size: 1024B - Virtual size: 248KB