03a3f8c758320a0bf20f956d677bf0e8_JaffaCakes118

General

Target

03a3f8c758320a0bf20f956d677bf0e8_JaffaCakes118
Size

560KB
MD5

03a3f8c758320a0bf20f956d677bf0e8
SHA1

4db9b296375be106d888644c52ad96566e1e7da9
SHA256

a2801e9fa038d549d79ffed7c2f5bceb317eca8ad6fd8b0f0e6c5c1fe2232698
SHA512

fa52591c9ac20fd01da5ca56d5308651b9bcb5aa1c812f4f9c8b34245a77def10b08a53ae2e3ba1a179ae24bb1326a42e74d024d8316bdfb83adee38c9eefdcb
SSDEEP

6144:1dxLd7yLaDfxpteO56ZE6LS+goy0j3ik/:1zaa9ptenZxLS+Xy0j3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03a3f8c758320a0bf20f956d677bf0e8_JaffaCakes118

Files

03a3f8c758320a0bf20f956d677bf0e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6328c214192f7985fdbf1f38b1253099

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA
ChooseFontA

kernel32

SetLastError
IsValidLocale
GetHandleInformation
GetConsoleMode
PeekNamedPipe
GlobalFree
GetCompressedFileSizeW
ClearCommBreak
SetProcessShutdownParameters
GetDiskFreeSpaceW
GetStartupInfoA
SetStdHandle
GetTapeParameters
ExitProcess

user32

GetSubMenu
LoadKeyboardLayoutA
CharToOemA
LoadImageA
OpenWindowStationW
GetDesktopWindow
CopyAcceleratorTableA
GetUpdateRect

comctl32

ImageList_SetOverlayImage
ImageList_Remove
CreatePropertySheetPageA
PropertySheetW

advapi32

QueryServiceConfigA
RegisterServiceCtrlHandlerA
OpenSCManagerA
EqualSid
RegSaveKeyA
OpenEventLogW
ObjectCloseAuditAlarmA
SetServiceStatus
CryptEncrypt
CryptExportKey
GetExplicitEntriesFromAclW
LookupPrivilegeValueW
ReportEventA
RegisterEventSourceW
OpenThreadToken
GetSecurityDescriptorDacl
GetServiceKeyNameW
FreeSid

msvcrt

getc
_spawnv
strerror
_wremove
__p__environ
tmpnam
strncat
__p___argv
_write
_read
iswalnum
_mbscat
wcscspn

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6328c214192f7985fdbf1f38b1253099

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

comctl32

advapi32

msvcrt

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 237KB - Virtual size: 236KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 237KB - Virtual size: 236KB

.rsrc
Size: 16KB - Virtual size: 16KB