abecec97c237fa1180cb2cd98a5cfa02_JaffaCakes118

General

Target

abecec97c237fa1180cb2cd98a5cfa02_JaffaCakes118
Size

302KB
MD5

abecec97c237fa1180cb2cd98a5cfa02
SHA1

cfbab612f0851f81576047b365f415c9fade1e55
SHA256

bdceb2b6b2c10b435048eb19fdb0f22e16d458c97904e1e30291bfc1787c668b
SHA512

ec57ed118dac0df1b38953bd42fb9e2e671c6748312896ceaef2adcbc7543a20fcd6e3e038ef4f795265c180ca0e6eba350fbc80c211098aeb0e13499fbd24b4
SSDEEP

6144:Pzt+0Kg8D9MmBct4mUjAwIwlIEOlIghDE3fHa3NI4iSOn:PpL8pRjAwIS+rlE2R8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abecec97c237fa1180cb2cd98a5cfa02_JaffaCakes118

Files

abecec97c237fa1180cb2cd98a5cfa02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0aad07f19ae9b45d9cf3a7b40663c9cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cabinet

ord20
ord21
ord14
ord11
ord10

user32

BeginDeferWindowPos
GetDC
SetProcessWindowStation
GetTopWindow
CreateAcceleratorTableA
GetSystemMetrics
SetMenuInfo

msvcrt

_mbscmp
_swab
rand
_ltoa
swscanf
puts
srand
__p__iob
_wchmod
?what@exception@@UBEPBDXZ
exp
_ismbcalpha
__p__osver
_access

kernel32

EnumUILanguagesW
GetVersion
_llseek
GlobalDeleteAtom
QueueUserAPC
VirtualAlloc
GetCurrentThread
GetCurrentThreadId
RtlMoveMemory
HeapValidate
GetLastError
GetEnvironmentVariableA
ExitProcess
GetCommandLineW
CommConfigDialogA
GetACP
WriteProfileSectionA
GetCurrentProcess
GetModuleHandleA
GetVersionExA
Sleep
GetTickCount
GetProcessHeap
GlobalGetAtomNameW
GetVolumeNameForVolumeMountPointW
GetModuleHandleW
GetCommandLineA
GetFileAttributesExW
GetCurrentProcessId

olesvr32

ord6
ord3
ord10
ord7
ord2
ord5

activeds

ord23
ord4
ord18
ord15
ord5
ord3
ord25

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 120KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0aad07f19ae9b45d9cf3a7b40663c9cc

Headers

DLL Characteristics

File Characteristics

Imports

cabinet

user32

msvcrt

kernel32

olesvr32

activeds

Sections

.text Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 37KB

.idata Size: 120KB - Virtual size: 214KB

.data Size: 156KB - Virtual size: 248KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 37KB

.idata
Size: 120KB - Virtual size: 214KB

.data
Size: 156KB - Virtual size: 248KB

.rsrc
Size: 17KB - Virtual size: 17KB