Static task
static1
Behavioral task
behavioral1
Sample
d64610a729ef61d1129868346f42ccb1_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d64610a729ef61d1129868346f42ccb1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d64610a729ef61d1129868346f42ccb1_JaffaCakes118
Size
176KB
MD5
d64610a729ef61d1129868346f42ccb1
SHA1
765fce6c14f8a7de56cf878fee015f42b578a297
SHA256
e0d68f260c6f44796155ae3025fe82418cda29058e6695e7797342a6daf12ca2
SHA512
4c9206044840459e58571994c8796dda48709cc03d830444ac58e48b532907d19e34eac89a74f3325beec9760d4b8f7cb0cc7c58296057bdb73e1f42333c2ba2
SSDEEP
3072:1YW+Yqm39q//+12t1oMamJ7fKgyx4nuMY/hAAwZR+0FBNPlvTc1ZXNNNN:1YW+JmNq/G12nfUVxyuF3wZ80FBNtvTo
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource d64610a729ef61d1129868346f42ccb1_JaffaCakes118
Files
d64610a729ef61d1129868346f42ccb1_JaffaCakes118.exe windows:4 windows x86 arch:x86
b4b307a65fddb88958c1bc2c50431ded
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
VirtualAlloc
GetStartupInfoA
user32
PostMessageW
GetMenuStringW
SetCapture
AllowSetForegroundWindow
DestroyIcon
DefWindowProcW
LoadIconA
RegisterClassW
SetActiveWindow
GetMenu
TrackPopupMenu
DestroyMenu
SetWindowLongW
ShowWindowAsync
OffsetRect
ReleaseCapture
AdjustWindowRectEx
DrawFocusRect
MessageBeep
MoveWindow
GetKeyState
DestroyWindow
CreateWindowExA
SetMenuItemInfoA
GetMenuItemCount
ClientToScreen
GetActiveWindow
CheckMenuItem
CreateWindowExW
SetWindowTextW
SendMessageW
ReleaseDC
GetSubMenu
InflateRect
GetCursorPos
GetClientRect
LoadStringW
UnregisterClassA
SetWindowPos
PtInRect
ole32
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
advapi32
GetSecurityDescriptorDacl
RegCreateKeyW
LookupAccountSidA
CheckTokenMembership
GetSidIdentifierAuthority
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
AllocateAndInitializeSid
RegCloseKey
OpenThreadToken
IsValidSid
QueryServiceStatus
RegDeleteKeyA
SetSecurityDescriptorDacl
GetTokenInformation
shell32
SHBindToParent
msvcrt
__set_app_type
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__p__fmode
_controlfp
__dllonexit
_onexit
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
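The facts the Signatures, Headers and Sections blocks above report (file characteristics, per-section raw and virtual sizes and flags, and whether an Authenticode signature directory exists) can be reproduced with a short standard-library PE header walker. The code below is an added example, not code from the sandbox or from the sample; the PE image it builds for offline use is constructed to mirror the flags and section sizes listed in this report, with hypothetical RVAs, file offsets and certificate location, and contains no code or real certificate. The "Unsigned PE" check is implemented as the absence of the IMAGE_DIRECTORY_ENTRY_SECURITY entry, which is exactly what such a signature says and no more.

```python
"""Minimal PE header walker: machine, file characteristics, section table and
whether an Authenticode (security) data directory is present. Stdlib only."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
MACHINE_NAMES = {0x014C: "x86", 0x8664: "x64", 0x01C4: "armnt", 0xAA64: "arm64"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the WIN_CERTIFICATE directory


def flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Return machine, file characteristics, sections and security-directory presence."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directories start at +96 for PE32 (0x10B) and +112 for PE32+ (0x20B);
    # NumberOfRvaAndSizes is the DWORD immediately before them.
    dd_off = opt + (96 if magic == 0x10B else 112)
    ndirs = struct.unpack_from("<I", data, dd_off - 4)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories, the security entry holds a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sh = opt + opt_size  # section table follows the optional header
    for i in range(nsections):
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": vaddr,
            "raw_size": rawsize, "raw_offset": rawptr,
            "flags": flag_names(schars, SECTION_CHARACTERISTICS),
        })
    return {
        "machine": MACHINE_NAMES.get(machine, hex(machine)),
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        "sections": sections,
        # Presence only: this does not verify the certificate chain or the file hash.
        "authenticode_present": sec_off != 0 and sec_size != 0,
    }


def section_warnings(info, ratio=1.5):
    """Cheap triage prompts from the section table; prompts to look, not verdicts."""
    out = []
    for s in info["sections"]:
        if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and "IMAGE_SCN_MEM_WRITE" in s["flags"]:
            out.append(f"{s['name']}: writable and executable")
        if s["raw_size"] and s["virtual_size"] > ratio * s["raw_size"]:
            # Normal for a .data section with a large BSS tail, but also what a
            # packer's unpack-in-place region looks like.
            out.append(f"{s['name']}: virtual size {s['virtual_size']} >> raw size {s['raw_size']}")
    return out


def build_sample_pe(signed=False):
    """Constructed PE32 header image mirroring the report's flags and section sizes.
    Headers only: no code, no resources, and no real certificate (hypothetical offsets)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x014C, 4, 0, 0, 0, 224, 0x010F)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    if signed:  # hypothetical file offset/size of an appended WIN_CERTIFICATE blob
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x2E000, 0x1800)
    kb = 1024
    rows = [  # name, virtual size, RVA, raw size, raw offset, characteristics
        (b".text",   7 * kb, 0x1000,    8 * kb, 0x400,   0x60000020),
        (b".rdata",  2 * kb, 0x3000,    4 * kb, 0x2400,  0x40000040),
        (b".data", 226 * kb, 0x4000,  132 * kb, 0x3400,  0xC0000040),
        (b".rsrc",  26 * kb, 0x3D000,  28 * kb, 0x24400, 0x40000040),
    ]
    secs = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, ro, 0, 0, 0, 0, c)
                    for n, vs, va, rs, ro, c in rows)
    return dos + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print(info["machine"], info["characteristics"], "signed:", info["authenticode_present"])
    for w in section_warnings(info):
        print("warn:", w)
```

Against a real file, call `parse_pe(open(path, "rb").read())`. Two caveats a practitioner should keep in mind: a present security directory only means a WIN_CERTIFICATE blob is referenced, so an actual signature verdict still needs `signtool verify` or `Get-AuthenticodeSignature`; and the virtual-versus-raw size warning fires on the report's own `.data` section (226KB virtual against 132KB raw), which is consistent with an ordinary uninitialized-data tail and is only a reason to inspect, not an indicator of packing by itself.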