deb8e88eacad6c8dae25e109922169b6_JaffaCakes118

General

Target

deb8e88eacad6c8dae25e109922169b6_JaffaCakes118
Size

91KB
MD5

deb8e88eacad6c8dae25e109922169b6
SHA1

f6194ebb594a27715369629bf8ebc9765968a467
SHA256

40ef7ae1300c0a17caee1a200732264896c4c0403d2353f6f238b786f9685962
SHA512

e65eb17840f0af423996faaef75226b16d8e4eaf2762755f50d3e1ebcedb9e6c623010186ea9510d88b35cc67bbe5087a62d381da259e8232f42118b42091b31
SSDEEP

1536:hwFjNqD700fyOe21puvF83+0UcNvUIX1TYAT1K8B0ZCjyDfZvoi6r1QeWc:Ego05TUFMZfPT1SZdDfZvo3Qe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deb8e88eacad6c8dae25e109922169b6_JaffaCakes118

Files

deb8e88eacad6c8dae25e109922169b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f1467ba732fad09321dfe2740236281

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
ReadFileEx
RequestDeviceWakeup
LoadLibraryExA

ntdll

RtlEncodeSystemPointer

user32

TrackPopupMenu
GrayStringA
SetDlgItemTextW

ole32

CoLoadLibrary

advapi32

RegQueryInfoKeyA

gdi32

SetRectRgn
SetMetaRgn
SetBkColor
SaveDC
UpdateColors
WidenPath
PtVisible
OffsetClipRgn
InvertRgn
GetTextColor
GetTextCharacterExtra
GetStockObject
GetClipRgn
GetBitmapBits
GdiGetBatchLimit
RemoveFontMemResourceEx
AbortPath
Arc
ColorMatchToTarget
FillPath
FlattenPath

msimg32

AlphaBlend

netapi32

RxNetAccessGetUserPerms
NetWkstaGetInfo

shlwapi

SHRegDeleteEmptyUSKeyA

shell32

SHCreatePropSheetExtArray

comsvcs

CoEnterServiceDomain

cfgmgr32

CM_Get_Device_Interface_AliasA

Exports

Exports

A346qkFE6fi7CZkea
RgEPGwiRysSZ16oPJv81F
iGsL5gCVJr3vHA
uWqKPrswitBsZ8
wOX

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f1467ba732fad09321dfe2740236281

Headers

File Characteristics

Imports

kernel32

ntdll

user32

ole32

advapi32

gdi32

msimg32

netapi32

shlwapi

shell32

comsvcs

cfgmgr32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 29KB - Virtual size: 112KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 29KB - Virtual size: 112KB

.rsrc
Size: 7KB - Virtual size: 7KB