be829941bc58a21b0056fefea6bb3691_JaffaCakes118

General

Target

be829941bc58a21b0056fefea6bb3691_JaffaCakes118
Size

162KB
MD5

be829941bc58a21b0056fefea6bb3691
SHA1

a08e290e8ee10d169a13680a5ef273f4027d03d6
SHA256

89f18fe2c71b85f29fcfaf989ad4e849faeadad3f63e30699ffae05b965a4f8c
SHA512

1acbe9cd1a627c1b088051dafec435e09f16b11b5e1aae8ca999317dea302ddfabd8697efc916a52dca0b57ea04421467000455c19de4e0e5ca8f98fd4265b9c
SSDEEP

3072:DXaoFPggChnykihxrJD+U4/Ll5TO1Rtb/m0x13mu7Z2YlxF97215KjpoaWFJd:DX0CZqD4/m0x1W+ZDv521sFzWFL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be829941bc58a21b0056fefea6bb3691_JaffaCakes118

Files

be829941bc58a21b0056fefea6bb3691_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0240f4523b8ac2a1105034cc3f45557d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetStdHandle
GetModuleHandleA
GetUserDefaultLCID
GetStartupInfoA
MultiByteToWideChar
CompareStringA
QueryPerformanceCounter
lstrcmpiW
lstrlenA
lstrcpynA
VirtualProtect
GetVersionExA

user32

GetSysColor
UnhookWindowsHookEx
GetDlgItem
DrawMenuBar
SystemParametersInfoA
CallNextHookEx
DestroyWindow
CreateMenu
GetFocus
IsRectEmpty

msvcrt

log10
_except_handler3
exit
__getmainargs
memcmp
strspn
__set_app_type
__p__commode
ftell
__p__fmode
_initterm
_acmdln
malloc
_XcptFilter
_adjust_fdiv
_snwprintf
__setusermatherr

shell32

SHFileOperationW
DragAcceptFiles
FindExecutableW
DragFinish
SHGetFolderPathW
DragQueryFileW
SHChangeNotify
SHAddToRecentDocs
SHFileOperationA
SHCreateDirectoryExW

advapi32

QueryServiceStatus
RegEnumKeyW
ControlService
RegCreateKeyA
GetSecurityDescriptorDacl
GetLengthSid
DeleteService
CryptAcquireContextA
CloseServiceHandle
LookupPrivilegeValueW
RegOpenKeyW
RegEnumValueW

comctl32

ImageList_DrawEx
ImageList_Create
ImageList_GetBkColor
InitializeFlatSB
CreateToolbarEx

ole32

OleUninitialize
CoInitializeEx
OleGetClipboard
PropVariantClear
StringFromCLSID
OleDraw
CoRegisterClassObject
CoUninitialize

oleaut32

SafeArrayGetUBound
SysFreeString
VariantInit
SysAllocStringLen
VariantClear
SysStringLen
SysAllocStringByteLen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0240f4523b8ac2a1105034cc3f45557d

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

advapi32

comctl32

ole32

oleaut32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 150KB - Virtual size: 149KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 150KB - Virtual size: 149KB

.data
Size: 6KB - Virtual size: 6KB