f5e669b5ade171472d029b6c78dc37dc_JaffaCakes118

General

Target

f5e669b5ade171472d029b6c78dc37dc_JaffaCakes118
Size

227KB
MD5

f5e669b5ade171472d029b6c78dc37dc
SHA1

b87a4b08e2a1f05423b75b507beee07fc26b4b51
SHA256

e97d6ae18dec7f8bb9a4469bed7786ecbd7cbe8bf35d891ab5924978847641ab
SHA512

e6e56fb10a21686d38279ff47959bed0172a0a3b533eae98c1830e8433832a59e42d5759f09e07c816b7d3443555a7bcc090e02dd43c2b0faf123fe980971f8c
SSDEEP

6144:3PVp5FwCayyGAUxkQlexGL4mRwUL4ZYPN02M/54exi82LiT:hyGfuQcxGLzOws5Tib6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5e669b5ade171472d029b6c78dc37dc_JaffaCakes118

Files

f5e669b5ade171472d029b6c78dc37dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4969e6b0d6e6588e6e0d8fed974b5f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

AllocConsole
ClearCommBreak
ExitProcess
InitializeCriticalSection
IsSystemResumeAutomatic
LocalFlags
PostQueuedCompletionStatus
QueueUserAPC
RtlUnwind
SearchPathW
SetWaitableTimer

advapi32

AreAnyAccessesGranted
CryptEnumProviderTypesA
CryptReleaseContext
CryptVerifySignatureA
InitializeSid
OpenEventLogW
PrivilegedServiceAuditAlarmA
RegOpenKeyW
RegSetValueW
SetFileSecurityW
SetSecurityDescriptorOwner

user32

ChangeMenuA
EnumThreadWindows
EqualRect
FindWindowExW
GetComboBoxInfo
IMPGetIMEW
LoadCursorFromFileA
MapVirtualKeyExA
RegisterClassExW
SetCapture
SetProcessWindowStation
SetWindowPlacement

shell32

CommandLineToArgvW
ExtractAssociatedIconW
ExtractIconExW
FindExecutableA
OpenAs_RunDLLW
SHAddToRecentDocs
SHFreeNameMappings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHHelpShortcuts_RunDLLA
SheChangeDirA
SheGetDirA
SheGetPathOffsetW
ShellExecuteW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4969e6b0d6e6588e6e0d8fed974b5f4

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 224KB - Virtual size: 224KB

.rsrc Size: 1024B - Virtual size: 240KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 224KB - Virtual size: 224KB

.rsrc
Size: 1024B - Virtual size: 240KB