521148ef2fe0fa31ae39e01f93b87410_JaffaCakes118

General

Target

521148ef2fe0fa31ae39e01f93b87410_JaffaCakes118
Size

181KB
MD5

521148ef2fe0fa31ae39e01f93b87410
SHA1

214f46ffbd0f64aab011b352362132b2c95be923
SHA256

ef345898cc444fa2cb0457bb3d7827b7dc2fd8531f450757178ea7bb8c33a150
SHA512

061b23047ab768dcdf9b22785b2391b071d07525a6f4d9662fb0c66f37ed9d3f7251784c54950e2d34d0d0350ea2a5ce265f1301ef02690823babb4c0f843ad2
SSDEEP

3072:3zDU3eUYkRooMMzHbfoLfZUchwSjve+pnNrpIcRgY58aq8CDIiwwdBifzi:3XtUYkRoIDoLmr4n5LRgY6xPAwzim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
521148ef2fe0fa31ae39e01f93b87410_JaffaCakes118

Files

521148ef2fe0fa31ae39e01f93b87410_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ece171036279a6128ef7e856c31af35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

?Strcmp@WSTRING@@QBEJPBV1@@Z
?EnableBreakHandling@KEYBOARD@@SGEXZ
?IsYesResponse@MESSAGE@@UAEEE@Z
??_7WSTRING@@6B@
??1OBJECT@@UAE@XZ
?Strcmp@WSTRING@@SGHPAG0@Z
??9WSTRING@@QBEEABV0@@Z
?RemoveNode@SYSTEM@@SGEPAPAVFSNODE@@E@Z
??0WSTRING@@IAE@XZ
?Strcmp@WSTRING@@QBEJPBV1@K@Z
?Strspn@WSTRING@@QBEKPBV1@K@Z
?Initialize@PATH@@QAEEPBV1@E@Z
??0PATH@@QAE@XZ
?QueryByteCount@WSTRING@@QBEKXZ
?Replace@WSTRING@@QAEEKKPBV1@KK@Z
?SetCodePage@SCREEN@@QAEEK@Z
?SetName@PATH@@QAEEPBVWSTRING@@@Z
?Initialize@MACHINE@@QAEEXZ
??0MEM_BLOCK_MGR@@QAE@XZ
??0CHKDSK_MESSAGE@@QAE@XZ

gdi32

SetMapMode
SetROP2
Polyline
Rectangle
SaveDC
StartPage
CreateSolidBrush
SetBkColor
DeleteObject
RectInRegion

ole32

CoTaskMemRealloc
CoFreeLibrary
CoMarshalInterThreadInterfaceInStream
CoResumeClassObjects
OleFlushClipboard
OleIsCurrentClipboard
CoGetMalloc
CoGetClassObject
CoRegisterClassObject
CoUninitialize
OleCreate

user32

RemoveMenu
GetWindowPlacement
FindWindowW
DefWindowProcW
GetMessageW
IsZoomed
MessageBoxW
InflateRect
SetWindowTextW
KillTimer
LoadMenuW

advapi32

QueryServiceConfigW
OpenServiceW
CloseServiceHandle
ControlService
GetTokenInformation
SetKernelObjectSecurity
IsValidSecurityDescriptor
RegDeleteValueW
InitializeAcl
RegCreateKeyExW

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ece171036279a6128ef7e856c31af35

Headers

File Characteristics

Imports

ulib

gdi32

ole32

user32

advapi32

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 6KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 6KB