b132070e4da72de8ce1363e128a93ddd_JaffaCakes118

General

Target

b132070e4da72de8ce1363e128a93ddd_JaffaCakes118
Size

75KB
MD5

b132070e4da72de8ce1363e128a93ddd
SHA1

f1ccaf63a1c65f7aedc4644e14a7c2e17dec0a03
SHA256

e2d725edd46a7f1533e678718069007980a2bec23bbf328edfaf309a7dabb323
SHA512

d775ecffda31d527106fd8d42a89be04ad996e3e9d748b16e63f7d76d448ede72c6097fb544c4679cd11bcc9ece65d32513bde935b042ffe291e244dab2ced64
SSDEEP

1536:409sQm4DpawcICl+1vHlNwgNCcr3LwEh6zhz9mTWvB7fZspQZx:9S4Qwcrg/lGYp7wEh6VDdqYx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b132070e4da72de8ce1363e128a93ddd_JaffaCakes118

Files

b132070e4da72de8ce1363e128a93ddd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1da1a8d2ce12d7e777e4d68925b7c146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetConsoleOutputCP
GetDateFormatA
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeA
GetTimeFormatA
GlobalAlloc
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedExchange
MulDiv
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
UnhandledExceptionFilter
lstrcmpiA
lstrcpynA
lstrlenA

user32

SetCapture
DialogBoxParamA
GetDlgItem
ShowWindow
DrawTextA
PtInRect

winmm

joyGetNumDevs
joyGetDevCapsW

ole32

CoTaskMemFree
CoCreateInstance
CoGetMalloc

advapi32

LsaSetTrustedDomainInformation
OpenEncryptedFileRawW
SetEntriesInAccessListW
RegOpenKeyA
GetAclInformation
InitiateSystemShutdownExW
GetAccessPermissionsForObjectW
CryptGetProvParam
BuildExplicitAccessWithNameA
BuildImpersonateExplicitAccessWithNameA
ConvertStringSidToSidW
CreateProcessAsUserA
CryptGenRandom

shlwapi

SHRegGetPathA
StrTrimA
StrStrW
PathRenameExtensionA

shfolder

SHGetFolderPathA

Sections

.text
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1da1a8d2ce12d7e777e4d68925b7c146

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

advapi32

shlwapi

shfolder

Sections

.text Size: 61KB - Virtual size: 64KB

.data Size: 10KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 61KB - Virtual size: 64KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB