aecd93ae4e717a9db9a667b0ecbbc3c1_JaffaCakes118

General

Target

aecd93ae4e717a9db9a667b0ecbbc3c1_JaffaCakes118
Size

38KB
MD5

aecd93ae4e717a9db9a667b0ecbbc3c1
SHA1

c3087fe30b6b304c25c08327796b009026043a1b
SHA256

ca9ac486b2705cf04f517ce718ade991c3a932b057a04b197b03a1e12b120859
SHA512

592176b8d7d3a2f700c79787420914f5c3e137a8c82ccd32a8ee37e433266aec3627b67983faa49de13c9f3ff8a3a4d80e0edec49dc89a817c74879ce8891521
SSDEEP

768:GdkaS4B154c8BvNxFiS8FxP18mLEMwp51T/OyhRSGjJ2:WtS4EFNrSPFA3TmyhRZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aecd93ae4e717a9db9a667b0ecbbc3c1_JaffaCakes118

Files

aecd93ae4e717a9db9a667b0ecbbc3c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f55e8e175813dff0dbd185b2db4f262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleGetIconOfClass
OleDraw
CoUnmarshalInterface
OleDoAutoConvert
CoReleaseMarshalData
OleFlushClipboard
BindMoniker
CoInitialize
CoTaskMemRealloc
OleQueryCreateFromData
CoInstall
CoGetCurrentProcess

msvcrt

_ltow
free
fopen
_itow
_beginthreadex
bsearch
abs
wcschr
strncat
wcsncat
wcsrchr
_snprintf

kernel32

LoadResource
SetUnhandledExceptionFilter
LocalAlloc
GetFileTime
InterlockedExchange
GetThreadContext
GetCurrentProcessId
lstrcpyA
SetEndOfFile
GlobalUnlock
CompareStringA
FatalAppExitA
WriteFile
QueryPerformanceCounter
GetModuleHandleA
OutputDebugStringA
TlsAlloc
SetEvent
IsValidLocale
GetCommandLineW

advapi32

GetKernelObjectSecurity
CreateProcessAsUserA
RegDeleteKeyA
LookupAccountSidA
AddAccessAllowedAce
EqualSid
LookupAccountNameA
LookupPrivilegeValueW
GetSidSubAuthority
IsValidSecurityDescriptor
FreeSid
IsValidSid

gdi32

CreateSolidBrush
RectInRegion
LineTo
GetStockObject
GetBkColor
DeleteDC
SelectObject
Polyline
EndDoc
SaveDC
SetMapMode

user32

DialogBoxParamA
SetMenuItemBitmaps
GetFocus
LoadBitmapA
GetWindowRect
GetKeyState

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f55e8e175813dff0dbd185b2db4f262

Headers

File Characteristics

Imports

ole32

msvcrt

kernel32

advapi32

gdi32

user32

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 65KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 65KB

.rsrc
Size: 1KB - Virtual size: 1KB