10a91241d7d7bd0699b7ad05baae186d_JaffaCakes118

General

Target

10a91241d7d7bd0699b7ad05baae186d_JaffaCakes118
Size

82KB
MD5

10a91241d7d7bd0699b7ad05baae186d
SHA1

661c7204160287963f730e90ce41d756ed670190
SHA256

198412bc9b558224e01f4efe02ce0cd5c084a748b996917cfec7a0adcfd09c36
SHA512

c70c91ec1d5cf69a3c609ba135568351a0e7a64a937326f84788750042538cc384d6c8d38a28020d297c799ddbcf16c7a313919160978cdf5d0117fb8a5757a3
SSDEEP

1536:UGC2uVIj44t7ug78yiLQCx9GP2pmZgg/pZRPzPGS2ow8+bESyIOk7:NCXI0EugO8CxMOmZgcNLPGS2zESyZk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a91241d7d7bd0699b7ad05baae186d_JaffaCakes118

Files

10a91241d7d7bd0699b7ad05baae186d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

048e9affc7d08a4ead5e2a921fe2e8e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegEnumValueA
RegQueryValueExW
FreeSid
RegEnumKeyExA
LockServiceDatabase
StartServiceCtrlDispatcherA

gdi32

GetBkMode
SetBkMode
SetBrushOrgEx
CancelDC
GetTextMetricsW
SetLayout
Arc
CreateRoundRectRgn
SetViewportExtEx
ExtTextOutA
FillRgn
GetCurrentPositionEx
CreateCompatibleBitmap
ExcludeClipRect
GetTextColor
TextOutA
CreateMetaFileA
MoveToEx

msvcrt

realloc
strncmp
__p__fmode
_mbsnbcpy
__setusermatherr
_timezone
_close
div
strcmp
fseek
_purecall
_osver
_memicmp
isxdigit
tolower
exit
__getmainargs

version

GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA

kernel32

GetOEMCP
GetEnvironmentVariableA
InterlockedDecrement
GetSystemDirectoryA
ExitProcess
GetLocalTime
GetCommandLineW
IsDebuggerPresent
VirtualAlloc
CreateThread
MoveFileA
FlushFileBuffers
TerminateProcess
InterlockedExchange
IsValidLocale
GetDateFormatA
CreateToolhelp32Snapshot
SuspendThread
FreeLibrary
GetConsoleCP
GetModuleHandleW
RtlUnwind
GetSystemTime
GetUserDefaultLCID
GetExitCodeProcess

Sections

.text
Size: 42KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edata
Size: 11KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

048e9affc7d08a4ead5e2a921fe2e8e0

Headers

File Characteristics

Imports

advapi32

gdi32

msvcrt

version

kernel32

Sections

.text Size: 42KB - Virtual size: 43KB

INIT Size: 2KB - Virtual size: 1KB

edata Size: 11KB - Virtual size: 81KB

.idata Size: 9KB - Virtual size: 39KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 42KB - Virtual size: 43KB

INIT
Size: 2KB - Virtual size: 1KB

edata
Size: 11KB - Virtual size: 81KB

.idata
Size: 9KB - Virtual size: 39KB

.rsrc
Size: 17KB - Virtual size: 17KB