bca174bbcd991f7b513de2b2dc7b6484_JaffaCakes118

General

Target

bca174bbcd991f7b513de2b2dc7b6484_JaffaCakes118
Size

386KB
MD5

bca174bbcd991f7b513de2b2dc7b6484
SHA1

69492375e5c474a9d524dd2ae25a9f40dc856a42
SHA256

68c1529e8c07fde43c30d16fd1535ba12c5df8683f73eb5fcf7d026217ec6ca8
SHA512

56c16806da41d31f8ccd520658d85212b2ed1637b17b9c0746ee8493022d3e2e123963a4babaab0ff7a2939633055c41749aba3a419af4d63cd92577c58abbc2
SSDEEP

12288:NncLNUzAbVIm4nIJZleLxvJ1c+YDnQliwRFK/8f:Nn+4ABjJmLxmQlU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bca174bbcd991f7b513de2b2dc7b6484_JaffaCakes118

Files

bca174bbcd991f7b513de2b2dc7b6484_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ad28234c83f22a3a86135135b2cf870

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_mbsrchr
_close
iswpunct
_ltow
_spawnvp
_wfindfirst
_snwprintf
setvbuf
_adj_fprem1

ole32

HWND_UserSize
OleDraw
CoDeactivateObject
HMETAFILEPICT_UserSize
OleRun
DllDebugObjectRPCHook

user32

LoadCursorFromFileA
MapDialogRect
LoadStringA
QuerySendMessage
CallMsgFilter
GetDCEx
ReplyMessage
EnumDesktopsW

kernel32

SetFileApisToOEM
ConvertThreadToFiber
GetModuleHandleA
_lwrite
CreateDirectoryW
GetLocaleInfoA
GetCommandLineA
RegisterConsoleIME
EnumUILanguagesW
Heap32ListFirst
GetStartupInfoA
GetConsoleTitleW
WriteFile
GetThreadContext
GetNumberFormatA

gdi32

SetMapperFlags
FillRgn
CreateFontIndirectW
GetTextExtentExPointW
GdiConvertBitmap

advapi32

WmiQueryAllDataA
CryptSetKeyParam
BuildSecurityDescriptorA
RegQueryValueA
CryptGetHashParam
GetTrusteeFormA
AccessCheckByTypeResultList
WmiDevInstToInstanceNameW
ConvertSecurityDescriptorToAccessA

Sections

.text
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 545KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ad28234c83f22a3a86135135b2cf870

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ole32

user32

kernel32

gdi32

advapi32

Sections

.text Size: 382KB - Virtual size: 382KB

.data Size: 2KB - Virtual size: 545KB

.rsrc Size: 1024B - Virtual size: 916B

.text
Size: 382KB - Virtual size: 382KB

.data
Size: 2KB - Virtual size: 545KB

.rsrc
Size: 1024B - Virtual size: 916B