ee933e4d98274b703cd2b125995f4fe3_JaffaCakes118

General

Target

ee933e4d98274b703cd2b125995f4fe3_JaffaCakes118
Size

64KB
MD5

ee933e4d98274b703cd2b125995f4fe3
SHA1

6a8c398014edbf9397ac2af7a0374e0c317b3df4
SHA256

006e8212d467b7c8f6dd338b2797834811cd5f79e3e9bf01af0fb046d67a16b7
SHA512

d332d33fbd062dd8c6c4f84913f81ba3f8fbe91ee9609cf7e998e66801a19425dc02e86788cf3d5112382ff1fc41b7c0c18b97728a44109b7c5c3df2d01d566f
SSDEEP

1536:aRVh22TJlGMohW3wJvwKv3KNcJPflmvz1TCB:aRnBv33wNw6KoflmvxTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee933e4d98274b703cd2b125995f4fe3_JaffaCakes118

Files

ee933e4d98274b703cd2b125995f4fe3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eec4440bbe7fed7568179fe702cd941b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadContext
GetACP
LoadLibraryA
GetStringTypeW
FreeEnvironmentStringsA
GetLocaleInfoW
TerminateThread
SetEndOfFile
GetModuleFileNameA
GetConsoleCP
ReadFile
SetEvent
GetNumberFormatA
FindFirstFileA
TlsFree
GetDriveTypeA
GetExitCodeThread
DeviceIoControl
ExitThread
GlobalUnlock
HeapCreate
SetFilePointer
TlsSetValue
GetCPInfo
CompareStringW
LocalFree

msvcrt

_strnicmp
_initterm
_strlwr
_wsplitpath
memcmp
wcslen
__setusermatherr
wcsncpy
_stricmp
_controlfp
atoi
wcsncmp

advapi32

RegCreateKeyExA
LookupPrivilegeNameA
AdjustTokenPrivileges
AllocateAndInitializeSid
RegEnumValueA
AddAce
RegConnectRegistryA
GetTokenInformation
CreateProcessAsUserA
RegCloseKey
FreeSid
CloseServiceHandle

gdi32

SetTextAlign
RestoreDC
SelectClipRgn
LineTo
DeleteObject
GetObjectA
CreateRectRgn
RectInRegion
SetBkMode
GetTextMetricsA
SetBkColor
StartPage
GetBkColor

user32

DrawIconEx
SetClassLongA
SetDlgItemTextA
DeleteMenu
GetMenu
EndPaint
GetPropA
SetPropA
GetSysColor
SetTimer
GetDC
CallWindowProcA
CreateIconIndirect
WindowFromPoint
SetMenuItemBitmaps
CheckMenuItem
GetWindow
PostQuitMessage
InvalidateRgn
GetSysColorBrush
SetCursor
ScreenToClient
LoadBitmapA
DestroyWindow

ole32

OleIsCurrentClipboard

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 779B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eec4440bbe7fed7568179fe702cd941b

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

gdi32

user32

ole32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 1024B - Virtual size: 779B

.data Size: 3KB - Virtual size: 91KB

.rsrc Size: 1024B - Virtual size: 1000B

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 1024B - Virtual size: 779B

.data
Size: 3KB - Virtual size: 91KB

.rsrc
Size: 1024B - Virtual size: 1000B