d030bb82e15447d0fcd705e95ff2f857_JaffaCakes118

General

Target

d030bb82e15447d0fcd705e95ff2f857_JaffaCakes118
Size

25KB
MD5

d030bb82e15447d0fcd705e95ff2f857
SHA1

129f17afaf271b03a642c7c38d6219bf8362f2f6
SHA256

1f86aaa728fd443c76c5084432095827b7d946ae3a14c540887473c0582189d2
SHA512

859242b7e62da658d3a5b1de699aaa28a18b64385ef2bf7448a6e878e4ca8d8818e9ecc154228b2a6151296d72541dfa97998cfebc42c2aec1a12b7eb66d5590
SSDEEP

768:DhKyVekt2hQBsuI1HugQn98lLZFmDcrglY:NKyihEqbdlLZFmDCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d030bb82e15447d0fcd705e95ff2f857_JaffaCakes118

Files

d030bb82e15447d0fcd705e95ff2f857_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1999835ea3050c824b8bbf7c24026727

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetRgnBox
SelectFontLocal
SelectPalette
PtInRegion
GetStringBitmapA

kernel32

GetVolumePathNameW
FindFirstVolumeMountPointA
DebugActiveProcess
GetCurrentDirectoryA
GetLocalTime
GetModuleHandleA
HeapUnlock
SetDefaultCommConfigW
QueryPerformanceFrequency
OpenWaitableTimerW
GetCommandLineA
SetConsoleMode
GlobalCompact
GetStartupInfoA
GetProfileSectionA

ole32

RevokeDragDrop
DllGetClassObjectWOW
CoRevertToSelf
CoTreatAsClass
MkParseDisplayName
OleSave

user32

GetClipboardData
OpenWindowStationA
DdeFreeDataHandle
PeekMessageW
KillSystemTimer
MBToWCSEx
MenuWindowProcW
IsClipboardFormatAvailable

advapi32

ChangeServiceConfig2W
SystemFunction012
GetSecurityDescriptorControl
AccessCheckByTypeAndAuditAlarmA
ElfChangeNotify
QueryServiceStatus
WmiQuerySingleInstanceA
CryptEncrypt
LsaQuerySecret

msvcrt

strspn
_getch
signal
wcsspn
__RTDynamicCast
__p__iob
time
_chsize
_clearfp
wcsncat

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1999835ea3050c824b8bbf7c24026727

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ole32

user32

advapi32

msvcrt

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 976B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 976B