469630bf5fd02581a63566331aebabb7_JaffaCakes118

General

Target

469630bf5fd02581a63566331aebabb7_JaffaCakes118
Size

208KB
MD5

469630bf5fd02581a63566331aebabb7
SHA1

b0885a2cf85938c32817c3207e43cd43cdc5b002
SHA256

ca663e2ca1a559fc0e7ff70e556c0671261fe5fae121218dd7ec589f487ba689
SHA512

2a0a4faf02623144fef614fdb35a3fa1899ea7aa97511c765dc915da97b8774f48788fd4aab789d834c70a88b817a281e1006b1d8ab649435b628ed06667fa07
SSDEEP

6144:ZFxM8I2kTd8Gxmi2grvQbEiEY8yqQcMPeD:RMj2+8TwiE16E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
469630bf5fd02581a63566331aebabb7_JaffaCakes118

Files

469630bf5fd02581a63566331aebabb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba1820bd32a0a5dd98f495cefd5f4fd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetQueueStatus
PostThreadMessageA
DispatchMessageA
MsgWaitForMultipleObjects
wvsprintfA
PeekMessageA
GetMessageA
wsprintfA
RegisterWindowMessageA
RegisterClassA
CreateWindowExA
CopyRect
MonitorFromWindow
LoadStringA
DestroyWindow

advapi32

RegSetValueA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA

shell32

SHGetSpecialFolderPathA

kernel32

CreateFiberEx
GetACP
LocalFree
WaitForSingleObject
CloseHandle
ClearCommError
GetCurrentProcessId
CreateThread
EnumResourceNamesA
GetVersionExA
DeleteCriticalSection
GetSystemTimeAsFileTime
EnterCriticalSection
FatalExit
SetEvent
CreateEventA
ResumeThread
InitializeCriticalSection
LeaveCriticalSection

quartz

AMGetErrorTextW

ole32

CoTaskMemFree
CoRevokeClassObject
GetRunningObjectTable
CoRegisterClassObject
StringFromGUID2
CoInitializeEx
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize
CLSIDFromString
CreateItemMoniker
StringFromCLSID
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba1820bd32a0a5dd98f495cefd5f4fd6

Headers

File Characteristics

Imports

user32

advapi32

shell32

kernel32

quartz

ole32

winmm

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 92KB

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 92KB