008f3457d1c11123ba8072d37fdbd30e_JaffaCakes118

General

Target

008f3457d1c11123ba8072d37fdbd30e_JaffaCakes118
Size

550KB
MD5

008f3457d1c11123ba8072d37fdbd30e
SHA1

a53cf11bf59f79f87ee57b71e0f7a2ef66b34b6e
SHA256

4a5b0853f711f039ace4252f8823af38bb64ddd09cdf0eadc053064dd179e60f
SHA512

29c3fbe1710f27c48d38e9ba2ed5227d2f1f4b7561d6d0e258fef0cf9f118d25a272e29622749999218fac5ef947df5f9bd4ea0a1ac1ec040f47b0bd60bcf9c7
SSDEEP

12288:QRc/aDbBT6ewO8y/5AXuhUnODrnZvAtl1OgyHzL:QWMd30yWuPZvAt3kH/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
008f3457d1c11123ba8072d37fdbd30e_JaffaCakes118

Files

008f3457d1c11123ba8072d37fdbd30e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9f586a50b29339c84861dcd4633799c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

QueryPathOfRegTypeLi
SysFreeString
LoadTypeLibEx
SafeArrayRedim

ws2_32

accept
WSAAsyncGetServByPort
getprotobyname
gethostname

ole32

CreateOleAdviseHolder
OleSaveToStream
OleFlushClipboard
OleLockRunning

kernel32

GetSystemDirectoryW
SearchPathW
FindResourceExW
ExitProcess
EnumResourceLanguagesW
GetDriveTypeW
IsValidLocale
SetThreadLocale
GetSystemTimeAsFileTime
LocalReAlloc
CreateMutexA
GetCurrentProcessId
CreateMutexW
SetCommMask
DebugBreak
GlobalDeleteAtom
LocalFileTimeToFileTime
GetEnvironmentVariableW
FreeLibrary

user32

IsWindow
BringWindowToTop
GetKeyboardLayoutList
GetScrollInfo
CreateDialogIndirectParamW
GetMonitorInfoW

gdi32

FillRgn
GetEnhMetaFileDescriptionA
GetObjectA
IntersectClipRect
GetViewportOrgEx
GetCharacterPlacementA
SetROP2
CreateDiscardableBitmap
CopyEnhMetaFileW
InvertRgn

Sections

.text
Size: 14KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9f586a50b29339c84861dcd4633799c

Headers

File Characteristics

Imports

oleaut32

ws2_32

ole32

kernel32

user32

gdi32

Sections

.text Size: 14KB - Virtual size: 230KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 14KB - Virtual size: 230KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 16KB - Virtual size: 16KB