01d4eb7536155030fc825f1746c9b860_JaffaCakes118

General

Target

01d4eb7536155030fc825f1746c9b860_JaffaCakes118
Size

68KB
MD5

01d4eb7536155030fc825f1746c9b860
SHA1

e382c12b41f15430e4b4a021f9726a3bbf0d0e7e
SHA256

51478f310d659f5d6adea824c92595c1d7e3fc6352fff7d14746b6f41ecd2283
SHA512

2043dcaf4aedb6ee9373c13585bf756c595b5d6dd5dbd6c5b0e4d5397172fcedac6ce5c9c2f56a34cd6c6ef2791838560f47a2f98aa0531184491fcb43c355d8
SSDEEP

1536:4yv6t8iBDKqVSaVoIkr/O0s7lDs7RVIro/8cFr6NnJDK3:4yCtPKqMa2Tr/QGvI0ESr6fDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01d4eb7536155030fc825f1746c9b860_JaffaCakes118

Files

01d4eb7536155030fc825f1746c9b860_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46dd9b8156abd9fc7b855d04c8eb3f9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FormatMessageA
HeapCreate
FindResourceA
GetFileSize
lstrcpyA
IsBadStringPtrW
LeaveCriticalSection
GetLastError
InitializeCriticalSection
SetFileAttributesA
ReadConsoleA
CloseHandle
ReadConsoleA
lstrcatA
ReadConsoleA
GetStartupInfoW
GetModuleHandleA
ReadFile
GetCurrentDirectoryW
CreateMutexA
GetLocalTime

msi

MsiCreateRecord
MsiCloseHandle
MsiCloseAllHandles
MsiAdvertiseProductA

user32

wsprintfW
IsDialogMessageA
DispatchMessageA
IsCharLowerA
SetFocus
GetWindowLongW
SetCursorPos
IsZoomed
PeekMessageW
LoadCursorW
GetWindowTextA
PostMessageW
IsWindow

wldap32

ldap_add

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46dd9b8156abd9fc7b855d04c8eb3f9f

Headers

File Characteristics

Imports

kernel32

msi

user32

wldap32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 5KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 53KB - Virtual size: 60KB

.text1 Size: 1024B - Virtual size: 263B

.data2 Size: 512B - Virtual size: 178B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 5KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 53KB - Virtual size: 60KB

.text1
Size: 1024B - Virtual size: 263B

.data2
Size: 512B - Virtual size: 178B