d456f164df952ccafdd37c03d9d2665e_JaffaCakes118

General

Target

d456f164df952ccafdd37c03d9d2665e_JaffaCakes118
Size

55KB
MD5

d456f164df952ccafdd37c03d9d2665e
SHA1

f59c9cd7a93df8d03ad06d74525c94a60d0377cc
SHA256

d19a781f9eefd7339ff26d3d116c1f8152f41c35ba78912c5f911a31c203f065
SHA512

ba6be8a457339fbe71ba42b1bc4192feb38e90bb8b667769dc0698fdf9926d8267043dd571e2f042b83aa2479260185372a3127cf8c69024f7bbc3f24c0cec82
SSDEEP

1536:Zrtcy6EF+B4kNu4R1eVgJnuzCVxYyc7FePVlgPqa:ZIB8tVgoz0xYyczCa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d456f164df952ccafdd37c03d9d2665e_JaffaCakes118

Files

d456f164df952ccafdd37c03d9d2665e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c5d2a8f3c7539725e343f47c1baf381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetDevicePowerState
GetFileAttributesA
GetLogicalDriveStringsA
GetThreadContext
GlobalGetAtomNameW
GlobalLock
Heap32Next
IsSystemResumeAutomatic
LockFile
OpenMutexW
SetProcessPriorityBoost
SystemTimeToFileTime
WaitForMultipleObjectsEx
lstrcpyA

advapi32

AbortSystemShutdownA
AddAccessDeniedAce
AreAnyAccessesGranted
BackupEventLogA
BuildTrusteeWithSidA
ConvertAccessToSecurityDescriptorW
CreateServiceW
CryptGenKey
GetMultipleTrusteeW
GetSecurityDescriptorControl
RegEnumKeyA
RegOpenKeyExW
RegQueryMultipleValuesW
SetSecurityDescriptorSacl
SetTokenInformation

user32

ArrangeIconicWindows
ChangeDisplaySettingsExA
CharLowerW
CreateWindowExA
DdeEnableCallback
DialogBoxIndirectParamA
DrawCaption
GetKeyboardLayoutList
GetWindowRgn
InsertMenuItemA
InvertRect
MapDialogRect
ScrollWindow
SendDlgItemMessageA

shell32

DllCanUnloadNow
DoEnvironmentSubstA
ExtractAssociatedIconW
ExtractIconEx
PrintersGetCommand_RunDLLA
RealShellExecuteExW
RealShellExecuteW
SHChangeNotify
SHFreeNameMappings
SHGetFileInfoA
SheGetDirA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c5d2a8f3c7539725e343f47c1baf381

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 51KB - Virtual size: 52KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 51KB - Virtual size: 52KB