f99540b658ad0e6d12d60c2e09721869_JaffaCakes118

General

Target

f99540b658ad0e6d12d60c2e09721869_JaffaCakes118
Size

228KB
MD5

f99540b658ad0e6d12d60c2e09721869
SHA1

3553ea33e3c9db27cc331e13c0ed832f422ab771
SHA256

50d63dedbc778b2b73f0f836805f17357454b6926a699420d6ee391832846346
SHA512

52ff2fb7823cbb552f4c8b9c6d67c028946bbf0b8991f2435f583999244c8a9dee07202b63f7af0a8fb9fcc340d5a586d15f908b68372038200cd2e663a85427
SSDEEP

6144:9TPEFJkrqlr25MLPYC6mI/PoPUzsnnW3SOrYln9iExPiRgH:JP3rg25kPd6mIoPUzsn3OslnXxPiR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f99540b658ad0e6d12d60c2e09721869_JaffaCakes118

Files

f99540b658ad0e6d12d60c2e09721869_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdc40061d0e655e03a67b08774bab822

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

AllocConsole
DisconnectNamedPipe
EnumCalendarInfoExA
EnumCalendarInfoW
ExitProcess
GetDefaultCommConfigW
GetHandleInformation
GetProfileSectionW
SetCalendarInfoA
WaitForSingleObject
lstrcatA

advapi32

CryptEnumProvidersW
CryptGenKey
CryptSetProviderW
DeregisterEventSource
GetAuditedPermissionsFromAclA
GetFileSecurityW
GetKernelObjectSecurity
GetNamedSecurityInfoA
ObjectCloseAuditAlarmA
PrivilegedServiceAuditAlarmA
RegOpenKeyExW
RegQueryValueExA
RevertToSelf

user32

BroadcastSystemMessageA
ChangeMenuA
DeferWindowPos
DrawFocusRect
GetWindowTextLengthW
MessageBeep
UserClientDllInitialize

gdi32

Arc
CombineRgn
CopyMetaFileA
CreateFontW
EnableEUDC
GetCharWidthFloatW
GetFontData
GetMetaFileA
GetNearestPaletteIndex
GetWindowExtEx
PlayEnhMetaFile
RectInRegion

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdc40061d0e655e03a67b08774bab822

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 224KB - Virtual size: 224KB

.rsrc Size: 1024B - Virtual size: 240KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 224KB - Virtual size: 224KB

.rsrc
Size: 1024B - Virtual size: 240KB