17f4bb013954cfdad1b4644327b5fae4_JaffaCakes118

General

Target

17f4bb013954cfdad1b4644327b5fae4_JaffaCakes118
Size

833KB
MD5

17f4bb013954cfdad1b4644327b5fae4
SHA1

5484ece6fa3f8087acc38f348a3c3e10ae126973
SHA256

a9f2676a69160299714fa866692aea826034950998266513e56ee39363e9ea5d
SHA512

c2eb1609e410217cab961992e75b34803a0a58fd0b36c54121f6c5fd25cda6547713e0466fa5c535743c9bcb147cdc63abc71fa73e1ea99ebe41d4a233b5a2aa
SSDEEP

12288:bnMO7iUG/wdyGS9Q+mindoIPwMUcspXY8Kh0Nmn65/Stw1qvqtjLO8jrJj0F:bM0iZ/YHadoyUzNY8Kh05/kwF1O8jRe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17f4bb013954cfdad1b4644327b5fae4_JaffaCakes118

Files

17f4bb013954cfdad1b4644327b5fae4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f234cc974938ac94d48139c4fc8e7beb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetSystemTime
IsValidCodePage
GetStartupInfoA
GetTapePosition
GetSystemTimeAsFileTime
GetTimeZoneInformation
LoadLibraryA
SetConsoleActiveScreenBuffer
LocalAlloc

olecli32

GenClone
MfRelease
ErrSetTargetDevice
LeDraw
OleSaveToStream
LeQueryOutOfDate
DibClone
OleCreateLinkFromClip
LeSaveToStream
LeCreateInvisible
LeSetTargetDevice

credui

CredUIReadSSOCredA
CredUIParseUserNameA
CredUIStoreSSOCredW
CredUIReadSSOCredW
CredUIConfirmCredentialsA
CredUIPromptForCredentialsW
CredUIConfirmCredentialsW
CredUICmdLinePromptForCredentialsW

ntdll

RtlLockBootStatusData
RtlDowncaseUnicodeChar
RtlEnumerateGenericTableAvl
RtlPcToFileHeader
RtlFreeAnsiString
RtlTimeFieldsToTime

Sections

.text
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f234cc974938ac94d48139c4fc8e7beb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

olecli32

credui

ntdll

Sections

.text Size: 377KB - Virtual size: 376KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 216KB - Virtual size: 216KB

.reloc Size: 1024B - Virtual size: 948B

.text
Size: 377KB - Virtual size: 376KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 216KB - Virtual size: 216KB

.reloc
Size: 1024B - Virtual size: 948B