d32d24a0ba795a0b4b37a8472e1a007a_JaffaCakes118

General

Target

d32d24a0ba795a0b4b37a8472e1a007a_JaffaCakes118
Size

24KB
MD5

d32d24a0ba795a0b4b37a8472e1a007a
SHA1

824e783623eefe401a3c496a9a769aa2aa319da9
SHA256

a2250b8f32f23961a0b1b622848c71e5a5f9331a32c43ca3979f79bd77859d87
SHA512

f3d81998aee5fe377c166691d889d5a03671d974850733ead26310fad2fedbd3cf949e98174265395d7daa3b8efbcc8778d0960707553acb3f14b38f3b36c7f7
SSDEEP

384:QWoDf14sPrY3Oom2YGt4sj2kpYv7L1K5Ni/y46CLe92Zv8cCir0:K5E/dt4sj24MoDiq478cCir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d32d24a0ba795a0b4b37a8472e1a007a_JaffaCakes118

Files

d32d24a0ba795a0b4b37a8472e1a007a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f44dc2f0a4ee3fc3f3d0edc64b4a4617

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateAcceleratorW
GetClassInfoExW
SendMessageA
UserRegisterWowHandlers
CopyAcceleratorTableA
AppendMenuW
UnregisterDeviceNotification
UserRealizePalette

advapi32

SystemFunction014
CreateRestrictedToken
I_ScSetServiceBitsW
LsaClose
CreateProcessAsUserA
StartServiceCtrlDispatcherA
UnlockServiceDatabase
BuildExplicitAccessWithNameA
SystemFunction004

ole32

OleCreateStaticFromData
HMETAFILE_UserUnmarshal
IsValidPtrIn
StringFromIID
CreateErrorInfo
CoFreeAllLibraries

gdi32

AddFontResourceTracking
GdiPlayJournal
SetMiterLimit
GetPaletteEntries
LineDDA

kernel32

GlobalFlags
GetLongPathNameA
GetModuleHandleA
GetModuleHandleW
SetConsoleWindowInfo
lstrcmpi
CopyFileW
OpenConsoleW
GetCommandLineA
ConnectNamedPipe
CreateRemoteThread
lstrcpyW
GetStartupInfoA
lstrcatA
GetVersionExA

msvcrt

__RTDynamicCast
_cabs
__p__winminor
_winminor
_mbsbtype
_mbsnbcpy
_mbsnbcpy
difftime
__mb_cur_max
__unDName

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f44dc2f0a4ee3fc3f3d0edc64b4a4617

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

ole32

gdi32

kernel32

msvcrt

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 916B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 916B