bf58c063f5d848c215dacb8d8419d0dc_JaffaCakes118

General

Target

bf58c063f5d848c215dacb8d8419d0dc_JaffaCakes118
Size

512KB
MD5

bf58c063f5d848c215dacb8d8419d0dc
SHA1

a6b5dace12a58f0c884d5d6dcd188d7224f6002c
SHA256

5127779c169c7197b4e5a14341199c879e5564ebc36f1259912e329cc21416ee
SHA512

1d305fb6e374e2b9fa55d5e1a88e3caf2c468d9e2b281f13de87a0376a5cc16ccd115e491a4009ee9112618149f445ad6a36d6220c35e7982bd19663c7afd711
SSDEEP

6144:hhFOu+QFjy3fhjbf1d0jtsD2OzUMvbyoT7yAIt:Hj6Q8VljTmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf58c063f5d848c215dacb8d8419d0dc_JaffaCakes118

Files

bf58c063f5d848c215dacb8d8419d0dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d41042ea1b563ff7ff17e09ec10500a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreW
ExitProcess
GetVersionExA
lstrlenA
VirtualAlloc
GetCommandLineA

user32

GetMenuItemID
DeleteMenu
EndDeferWindowPos
SetWindowsHookW

gdi32

EnumFontFamiliesExW
ModifyWorldTransform
CreateDiscardableBitmap
GetEnhMetaFileDescriptionA
CreateHatchBrush
GetCharWidth32A

comdlg32

ReplaceTextA

advapi32

RegReplaceKeyW
EqualSid
CryptVerifySignatureW
RegOpenKeyExW
UnlockServiceDatabase
LogonUserA
AddAce
RegEnumValueA
SetSecurityDescriptorSacl
RegSaveKeyA
CloseServiceHandle
AbortSystemShutdownW
CryptGetProvParam
CryptVerifySignatureA
CryptSetKeyParam
GetFileSecurityW
GetSecurityDescriptorOwner
SetSecurityDescriptorOwner
RegRestoreKeyW
MakeSelfRelativeSD
CryptDestroyHash

ole32

CLSIDFromString
OleRegGetUserType
CoMarshalInterface
CoInitializeEx
CoFreeAllLibraries
OleCreate
GetClassFile
ReadClassStm
OleSetContainedObject

oleaut32

SafeArrayRedim
SafeArrayGetLBound
SetErrorInfo

comctl32

PropertySheetW
ImageList_AddMasked
_TrackMouseEvent
ImageList_Destroy

shlwapi

StrRStrIW
PathAddExtensionW
PathUnquoteSpacesA
PathRelativePathToA
StrCmpNA
PathIsFileSpecW
PathCompactPathExW
StrStrW
PathStripToRootW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d41042ea1b563ff7ff17e09ec10500a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 232KB - Virtual size: 229KB