cf73a416b3a7cc52b83d96fcc16fd222_JaffaCakes118

General

Target

cf73a416b3a7cc52b83d96fcc16fd222_JaffaCakes118
Size

208KB
MD5

cf73a416b3a7cc52b83d96fcc16fd222
SHA1

7e05f529f9b4c488614a40fce2488252bb838e9d
SHA256

eba6e837275a396f06956b7a96f7226d331941deb74ba4db76e8506dc46ecf55
SHA512

5e081a180c8536b2099ec92ca24e2058f9cc731b021325dfdf53ad8a7fef5f5c500ba9ed48fed6e24488ebe35095907be727423f392c6d08fbea3a6338e27d46
SSDEEP

3072:qRcWiYU0nA6ybYVWGsoxzxolwtcMzgE3YbKNWJHR3vQSSn31A2BhKp:INhU0AvbYVBsoXptkAcKNmOn31Ae8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf73a416b3a7cc52b83d96fcc16fd222_JaffaCakes118

Files

cf73a416b3a7cc52b83d96fcc16fd222_JaffaCakes118
.exe windows:4 windows x86 arch:x86

540197efdfaebc2d28d41ad1c89f52d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
RemoveDirectoryA
SetEnvironmentVariableA
CreateProcessA
EnumSystemCodePagesW
GetModuleHandleA
GetStartupInfoA
GetConsoleMode
lstrcpyA
GetOEMCP
ReadDirectoryChangesW
_lread
FindResourceExW
AllocConsole
lstrlenA
SwitchToFiber
VirtualAlloc

user32

ActivateKeyboardLayout
ChangeMenuA
SetCapture
SetWindowTextA
OpenWindowStationW
CallWindowProcW
GetScrollPos
GetMessageA
RegisterWindowMessageA
SetCaretPos
GetUpdateRect
GetCursorPos
ClientToScreen
SetScrollInfo
IsWindow

advapi32

LookupAccountSidW
MakeSelfRelativeSD
RegSetValueExA
RegConnectRegistryW
AbortSystemShutdownW
OpenSCManagerW
CryptSetProvParam
GetSecurityDescriptorGroup
OpenServiceW

shell32

Shell_NotifyIconW
DragQueryPoint

oleaut32

SysStringLen
VariantChangeType
SetErrorInfo

version

VerQueryValueA
GetFileVersionInfoSizeA
VerInstallFileA

msvcrt

_wputenv
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_tzset
mktime
exit
_mbscat
putchar
strftime
_strncoll
_XcptFilter
_exit
iswprint
_strcmpi
isleadbyte
_wstrdate
_chmod
isdigit
_mbsinc
_ltow
iswctype
_cwait

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

540197efdfaebc2d28d41ad1c89f52d8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

oleaut32

version

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 196KB - Virtual size: 195KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 196KB - Virtual size: 195KB