da4afbf40cf1a57ceba2d42ae1a0a1e7_JaffaCakes118

General

Target

da4afbf40cf1a57ceba2d42ae1a0a1e7_JaffaCakes118
Size

460KB
MD5

da4afbf40cf1a57ceba2d42ae1a0a1e7
SHA1

39c52c5da48f7f82eb2fb9120c818039cbd1386a
SHA256

b457fb9d185e36300b146cd6c91c0a63c91f3a80923a999ff6191f359a8a8d05
SHA512

22a77d042466c2203ab9c0f4f4082a1893b64053537db5811d5174f41dcb068c0c3d43423574df6880113c29b53ce321630d475369c97fa551bf386cfa2845e3
SSDEEP

6144:fMfud4h/2EYyC/PIrlEk0wyYck0wEa7/Vpc+fWFbGE9h/2ExZLsu:fMGyh/b5mk0Sck0O/0+siE9h/bnL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da4afbf40cf1a57ceba2d42ae1a0a1e7_JaffaCakes118

Files

da4afbf40cf1a57ceba2d42ae1a0a1e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c078de3c3a47876dcb1956c1745ad270

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetKeySecurity
SetSecurityDescriptorControl
GetSecurityDescriptorControl
SetSecurityDescriptorDacl
AddAccessAllowedAceEx
AddAce
EqualSid
GetAce
InitializeAcl
GetLengthSid
GetAclInformation
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegGetKeySecurity
RegOpenKeyExA
ConvertStringSidToSidA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA

kernel32

OutputDebugStringA
GetProcAddress
GetModuleHandleA
RtlUnwind
GetCommandLineA
GetVersionExA
ExitProcess
InterlockedExchange
VirtualQuery
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetProcessHeap
HeapAlloc
HeapFree
GetCurrentThreadId

mscoree

_CorExeMain

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c078de3c3a47876dcb1956c1745ad270

Headers

File Characteristics

Imports

advapi32

kernel32

mscoree

ole32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 420KB - Virtual size: 416KB

.data Size: 4KB - Virtual size: 5KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 420KB - Virtual size: 416KB

.data
Size: 4KB - Virtual size: 5KB