3af6719ae4ec97ea5925a1f156cc423e_JaffaCakes118

General

Target

3af6719ae4ec97ea5925a1f156cc423e_JaffaCakes118
Size

4.9MB
MD5

3af6719ae4ec97ea5925a1f156cc423e
SHA1

ced6b1ffa12ee2705eb448b9a457313d050e0b08
SHA256

c17841a6940c18b2706316756fe77dfc5c9d91a3f22ee454bc2e575ade267804
SHA512

cfa64ab088f8b9ccf05e46a01f49f8361268181f0c4ee8858fca89c6a002487801fa92205076775efa3940cbf7700f588c3dd12667f9b2a425e37c7d4a676f6c
SSDEEP

49152:0Fqye68M4E5w5C8ETOwxQhfFPxk8zw63/34in7O3LPb:0FLxwVE6w4fF5k8zw63/3n4Pb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af6719ae4ec97ea5925a1f156cc423e_JaffaCakes118

Files

3af6719ae4ec97ea5925a1f156cc423e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ed66a95f215f1831161ee6cd76df0bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
ResetEvent
VirtualFree
FreeEnvironmentStringsW
InterlockedIncrement
SetHandleCount
LeaveCriticalSection
GetCPInfo
IsDebuggerPresent
GetProcessHeap
GetACP
MultiByteToWideChar
CreateFileA
UnmapViewOfFile
SetEvent
GetCurrentProcessId
DeleteFileW
TlsAlloc
LocalAlloc
GlobalAlloc
ReleaseMutex
FindClose
GetCurrentDirectoryW
lstrcatW
GetLocaleInfoW
GetLastError
CopyFileExA
FormatMessageW
lstrlenA

user32

TranslateMessage
DestroyWindow
KillTimer
PtInRect
MessageBoxW
ReleaseDC
CopyRect
DrawFocusRect
PeekMessageW
IntersectRect
GetWindow
InvalidateRect
DialogBoxParamW

gdi32

GetTextExtentPointW
IntersectClipRect
SetBkMode
CreateRectRgnIndirect
Rectangle
GetDeviceCaps
PlayMetaFile
TextOutW
ExtTextOutW

advapi32

CheckTokenMembership
RegOpenKeyA
RegQueryInfoKeyA
ControlService
LookupPrivilegeValueW

msvcrt

puts

shlwapi

StrChrA
StrCmpW

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 648KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ed66a95f215f1831161ee6cd76df0bf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

shlwapi

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 20KB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 648KB - Virtual size: 644KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 20KB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 648KB - Virtual size: 644KB