abc2b49d811710dccda4fdbce868446e_JaffaCakes118

General

Target

abc2b49d811710dccda4fdbce868446e_JaffaCakes118
Size

42KB
MD5

abc2b49d811710dccda4fdbce868446e
SHA1

beda46ce3ca56fb2df66fd58c9f1f64f9342998e
SHA256

96117b211844bad531d2dee67660fb475b1a3fcd906d45f09e96adea7e491021
SHA512

d303ff4764d5f990da38c82d01844787193939ca1a19e47e479288a651395155c47d43847b33da6694111e49145f6a0f4caf2d793d30f1920b1b7004b8924d12
SSDEEP

768:IxEyoaf9YX2EV3K8M5Xx56/DNgPZuvmPVTwz7yUs4eFG42xYV:MES02c3XMXyNWZ+2VEyUs4ew4x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abc2b49d811710dccda4fdbce868446e_JaffaCakes118

Files

abc2b49d811710dccda4fdbce868446e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a6ff96752cda607c116ea7a62a9c77c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseProfileUserMapping
EnumResourceLanguagesW
ExitProcess
FileTimeToLocalFileTime
GetComputerNameA
GetConsoleOutputCP
GlobalAddAtomA
HeapFree
OpenProfileUserMapping
OpenWaitableTimerA
PeekConsoleInputW
ReleaseMutex
RemoveDirectoryW
SetConsoleMode
SetEnvironmentVariableW
SetSystemPowerState
SetThreadLocale
SystemTimeToFileTime
TerminateProcess
WriteConsoleOutputW
lstrcatW
lstrcpyA

advapi32

AddAccessAllowedAce
CloseEventLog
CryptDeriveKey
CryptGetKeyParam
CryptSetProviderA
DeregisterEventSource
EnumDependentServicesW
EnumServicesStatusW
GetAclInformation
LookupPrivilegeValueA
LookupSecurityDescriptorPartsA
ObjectDeleteAuditAlarmW
QueryServiceConfigA
QueryServiceLockStatusW
ReadEventLogW
RegEnumValueW
RegQueryInfoKeyW
RegQueryMultipleValuesA
RegQueryValueExA
RegQueryValueExW

user32

CopyIcon
CreateIconFromResourceEx
DdeQueryStringA
DlgDirSelectComboBoxExA
EditWndProc
ExcludeUpdateRgn
GetAsyncKeyState
GetCaretPos
GetKeyNameTextA
GetUpdateRgn
GetWindowModuleFileNameA
IsDialogMessageW
LookupIconIdFromDirectory
MenuItemFromPoint
OemToCharA
OemToCharBuffA
RegisterSystemThread
SetRectEmpty
TrackPopupMenu
ValidateRgn

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a6ff96752cda607c116ea7a62a9c77c

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 40KB - Virtual size: 56KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 40KB - Virtual size: 56KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 8KB