29148ca758a8b60e3f64f22949c425ab_JaffaCakes118

General

Target

29148ca758a8b60e3f64f22949c425ab_JaffaCakes118
Size

24KB
MD5

29148ca758a8b60e3f64f22949c425ab
SHA1

c8eca92a042ec55775d83af1faf2aa9802fabaee
SHA256

69aa32fe7616427dcbf13579e30d29717fe824b8203060b6af170f4d0cbbcca2
SHA512

cf32457a4f68c56760b6f0295b222a7294b5584a2f4d5d6f5e9787a8a5da46ba930017066b21f6c4c0a9a0bbd12baff6db68affececa955643a4afedd18d31d3
SSDEEP

384:ZgaXmiuA6xujSHdqe5WJA4A4A4A4A4A4AdFzLtGE2k/VukEk+33444444344444X:aG6AjS93DP0q/I3HHHHHHpwlR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29148ca758a8b60e3f64f22949c425ab_JaffaCakes118

Files

29148ca758a8b60e3f64f22949c425ab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a92b37f59ecb665af236324836161e0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleA
GetFileAttributesExW
AddConsoleAliasW
SetThreadPriority
FindResourceExA
GetStartupInfoA
GetModuleHandleA
FillConsoleOutputCharacterA
GetProfileStringW
SetFileApisToOEM
WaitForSingleObject
HeapSize
GetPrivateProfileSectionW
LocalShrink
GetCommandLineA

msvcrt

_Getmonths
_winminor
_c_exit
_ismbbkprint
mbstowcs
_splitpath
_mbsnccnt
__initenv
__p___wargv
_HUGE

ole32

WriteOleStg
STGMEDIUM_UserUnmarshal
HMETAFILE_UserMarshal
HBRUSH_UserFree
OleLoad
UtGetDvtd32Info

advapi32

LsaLookupNames
RegisterTraceGuidsW
IsValidSid
AbortSystemShutdownW
SetEntriesInAclA
IsValidAcl
LogonUserA
ConvertSecurityDescriptorToStringSecurityDescriptorA
SystemFunction026

gdi32

GdiEntry4
SetDeviceGammaRamp
GdiSetServerAttr
GetDCOrgEx
GetCharWidthI

user32

DrawStateW
IsCharAlphaNumericW
OpenWindowStationW
EnumDisplaySettingsA
MsgWaitForMultipleObjects
ChangeMenuW
GetClassInfoW
CreateWindowExW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a92b37f59ecb665af236324836161e0c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

advapi32

gdi32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 968B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 968B