b195c99abb9355213858f56d675e4ada_JaffaCakes118

General

Target

b195c99abb9355213858f56d675e4ada_JaffaCakes118
Size

23KB
MD5

b195c99abb9355213858f56d675e4ada
SHA1

c9291ad9b6bc604e5bb5033896c8127677339f76
SHA256

f5c301d803a13acb3dd09433b4f83a24bfd1b88c8c6ede03cd9507a85e900e2f
SHA512

c1c3ae807345e0b559f366950f65b24bcbe76777b9cd1d69b377eee137f40f5fc6bf0ffaeea2dd7e9f53b078c80f251e35398b13ab4e3efddf74fd7865484ef0
SSDEEP

384:9B7DyimmZ4GVWvlJO0NTGZtOfKReys/FPSMB3n1Nl8VKH66FiAM4tpDrfxV5Ile7:fH94G0jJfE4/NrBW4z3M+DrfxCe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b195c99abb9355213858f56d675e4ada_JaffaCakes118

Files

b195c99abb9355213858f56d675e4ada_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c39d43ab7b69fb0754047996c23903b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
CreateFileMappingW
CreatePipe
ExitProcess
GetLogicalDrives
GetProcAddress
GetProcessAffinityMask
GetProfileSectionA
GetSystemTimeAdjustment
OpenProcess
WriteTapemark
lstrcatA
lstrcmp

advapi32

AccessCheck
AccessCheckAndAuditAlarmA
ChangeServiceConfigW
ConvertSecurityDescriptorToAccessNamedA
CryptGenRandom
CryptGetKeyParam
GetAclInformation
GetTokenInformation
OpenBackupEventLogA
RegGetKeySecurity
RegOpenKeyExW
RegQueryMultipleValuesA
RegRestoreKeyA
RegSetKeySecurity

user32

AdjustWindowRectEx
BroadcastSystemMessageA
EndDialog
EnumChildWindows
GetClipboardSequenceNumber
GetDC
GetInputState
GrayStringA
IsCharUpperW
MessageBoxIndirectA
SendDlgItemMessageA
SetFocus
SetWindowsHookA
WindowFromPoint

gdi32

CreateMetaFileA
EnumFontFamiliesW
EqualRgn
GetCurrentObject
GetDCOrgEx
GetTextAlign
GetViewportExtEx
GetWindowExtEx
Pie
RectVisible
SetBkMode
SetFontEnumeration
SetPaletteEntries

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c39d43ab7b69fb0754047996c23903b2

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 212KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 212KB