3788e54d1bac1adba245d5dc9fe5d8ea_JaffaCakes118

General

Target

3788e54d1bac1adba245d5dc9fe5d8ea_JaffaCakes118
Size

193KB
MD5

3788e54d1bac1adba245d5dc9fe5d8ea
SHA1

306bc18f0d268a64aeda36cd38e60a16d4f4e32e
SHA256

624d1279bed964963504f13fc6f64e329360f3dbd679bdb6d86e145a7abc6831
SHA512

1ad843754e6658cdde69aa9332612fbf3acb95ce95233b5b5a880c34e6b684002ba47eab43e5bba1ae697568703a2d0266bb56b0091c64f0fde3136f43cc0980
SSDEEP

6144:0IqCnyhow5ByZD87ZxzjJr1jZpb9sGjp9:0IqCnXYEAHjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3788e54d1bac1adba245d5dc9fe5d8ea_JaffaCakes118

Files

3788e54d1bac1adba245d5dc9fe5d8ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6b68e64c250d3a196773dfaeb5e4b83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

quartz

AMGetErrorTextW

kernel32

DeleteCriticalSection
GetCurrentProcessId
CreateFiberEx
CreateThread
GetSystemTimeAsFileTime
CloseHandle
ClearCommError
InitializeCriticalSection
ResumeThread
EnumResourceNamesA
LocalFree
FatalExit
CreateEventA
GetACP
EnterCriticalSection
SetEvent
WaitForSingleObject
GetVersionExA
LeaveCriticalSection

advapi32

RegSetValueA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyA
RegEnumKeyExA

user32

PeekMessageA
LoadStringA
wvsprintfA
DispatchMessageA
GetMessageA
wsprintfA
PostThreadMessageA
RegisterClassA
CreateWindowExA
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetQueueStatus
MonitorFromWindow
CopyRect
DestroyWindow

shell32

SHGetSpecialFolderPathA

winmm

timeGetDevCaps
timeGetTime
timeBeginPeriod
timeEndPeriod

ole32

CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
StringFromCLSID
CoInitializeEx
CoUninitialize
StringFromGUID2
CoRevokeClassObject
CreateItemMoniker
CoRegisterClassObject
CoInitialize
GetRunningObjectTable
CLSIDFromString
CoFreeUnusedLibraries
CoTaskMemAlloc

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6b68e64c250d3a196773dfaeb5e4b83

Headers

File Characteristics

Imports

quartz

kernel32

advapi32

user32

shell32

winmm

ole32

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.lib
Size: 512B - Virtual size: 356KB