f68904333ae6ea44775211a6ee215ec3_JaffaCakes118

General

Target

f68904333ae6ea44775211a6ee215ec3_JaffaCakes118
Size

67KB
MD5

f68904333ae6ea44775211a6ee215ec3
SHA1

cdbb8d1ed7bf8d23af1094afff2b912c2c762953
SHA256

bcb73dfbc0f324f2f751afb084014d95d68c20eb207c907707ceb7e4b88b5710
SHA512

8e7b108992c62feac6afa6b5f7b92fed0edee649be78ef807d0d7a680ce190e764e7d9e264f2008fe23c91da4f9ac61e8c16ea9916842c41f23b8772cbe0a1f8
SSDEEP

768:Dz+O3AfoSwk0ct+uNU4Nqu94P8GGQKFPobRjm644cGmAQ9pnk+iemzL53bD7EK:DPAgXkkmlqntK2b13mJV+ZbXN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f68904333ae6ea44775211a6ee215ec3_JaffaCakes118

Files

f68904333ae6ea44775211a6ee215ec3_JaffaCakes118
.exe regsvr32 windows:4 windows x86 arch:x86

332bcccf8a0ef3f80f90accc70f704cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasW
FindVolumeMountPointClose
LoadLibraryW
WriteConsoleInputVDMA
IsBadStringPtrW
LoadLibraryA
CreateJobObjectW
CreateTapePartition
GlobalUnlock
RegisterWaitForInputIdle
GetStartupInfoW
InterlockedIncrement
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

CreateAcceleratorTableW
SetUserObjectInformationW
Win32PoolAllocationStats
CreateIcon
GrayStringA
LoadMenuW
GetKeyNameTextW
ChildWindowFromPointEx
IsWindow
CopyAcceleratorTableW
RegisterClipboardFormatW
InvertRect
SetActiveWindow
SetWindowTextW
UnionRect
DrawEdge
SetWindowsHookW

shell32

PrintersGetCommand_RunDLL
Control_RunDLLAsUserW
ShellAboutW
StrChrIW
OpenAs_RunDLL
StrRStrIW
ExtractIconExA
SHChangeNotifySuspendResume
SHGetDiskFreeSpaceExA

Exports

Exports

DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

332bcccf8a0ef3f80f90accc70f704cf

Headers

File Characteristics

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 86KB

.data Size: 59KB - Virtual size: 62KB

.rsrc Size: 1024B - Virtual size: 4KB

.edata Size: 2KB - Virtual size: 6KB

.reloc Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 86KB

.data
Size: 59KB - Virtual size: 62KB

.rsrc
Size: 1024B - Virtual size: 4KB

.edata
Size: 2KB - Virtual size: 6KB

.reloc
Size: - Virtual size: 4KB