44c9185f2aea3f8cdff0d3d0806cd3e4_JaffaCakes118

General

Target

44c9185f2aea3f8cdff0d3d0806cd3e4_JaffaCakes118
Size

97KB
MD5

44c9185f2aea3f8cdff0d3d0806cd3e4
SHA1

97120730d58bb68843c92b62cc95c9a3f5e2a65e
SHA256

062661bbcc7a17d76582043ddae57348afb32dcbbc75ac5b2c20379aed8dc931
SHA512

fcdb04f2794e969e38078cef6c9f6d7ee1ce3a6ec7f2e3aab4e1553c0a2043521bab0be96dd8d1904f0985964a867cd8503f6830f1df1959e34ff2d59aaf6133
SSDEEP

1536:51IjsLmIDpsg34biwAz90VbNj7tdAzXof1tqkzOO5cSi4iXHifKvtotY:5ajsbSgKAz9CdAzXE1YXPOKvtotY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44c9185f2aea3f8cdff0d3d0806cd3e4_JaffaCakes118

Files

44c9185f2aea3f8cdff0d3d0806cd3e4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d20643210585460c48340f02dc73568

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA

advapi32

RegQueryValueExW
InitializeAcl
RegDeleteValueA
RegEnumKeyExW
AllocateAndInitializeSid
RegDeleteKeyA
RegEnumKeyExA
FreeSid
RegSetValueExA
LookupPrivilegeValueA
RegDeleteValueW

gdi32

PlayMetaFileRecord
CreateDCW
UnrealizeObject
StretchBlt
PolyBezierTo
CreatePen
SetRectRgn
LPtoDP
RealizePalette
GetStockObject
BitBlt
TextOutA
GetCurrentPositionEx
GetTextAlign
AngleArc
CreatePalette

comctl32

ImageList_AddMasked
InitCommonControlsEx
InitCommonControls
CreateToolbarEx
ImageList_ReplaceIcon
ImageList_Create
PropertySheetA

msvcrt

_lock
_wtol
_mbsicmp
?terminate@@YAXXZ
fputc
_open_osfhandle
_wcsicmp
memcpy
??2@YAPAXI@Z
realloc
__p___initenv
__setusermatherr
_adjust_fdiv
bsearch
_strcmpi
_XcptFilter
wcstol
iswctype

kernel32

SetThreadPriority
GetTempFileNameA
GlobalUnlock
LocalAlloc
DeleteCriticalSection
ExitProcess
GetLastError
VirtualAlloc
CloseHandle

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d20643210585460c48340f02dc73568

Headers

File Characteristics

Imports

version

advapi32

gdi32

comctl32

msvcrt

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 86KB

.idata Size: 10KB - Virtual size: 23KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 86KB

.idata
Size: 10KB - Virtual size: 23KB

.rsrc
Size: 20KB - Virtual size: 19KB