550f31b45c5f5a4a730d278fd8c09f74_JaffaCakes118

General

Target

550f31b45c5f5a4a730d278fd8c09f74_JaffaCakes118
Size

83KB
MD5

550f31b45c5f5a4a730d278fd8c09f74
SHA1

73c2e0db330d228769b6306c7464191c8724a3a5
SHA256

e70d121fdb4620e8ac6d3285711129ef1bdb5a1e9fd124c645b3cb907f3c842e
SHA512

c84558fecda17918c4ca3160499a0743e6655433f6855a92b2194d51e9605bdc205bf953e74cacdf65b1871b064d666eec32dbe0924aedd3be768f3998ac188c
SSDEEP

1536:haXFYlUkmSqVrlj2zUdiQThMVD4TOnBwtIe70XaIU:haXuUMqtCUYyMVD762U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
550f31b45c5f5a4a730d278fd8c09f74_JaffaCakes118

Files

550f31b45c5f5a4a730d278fd8c09f74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44c23a85ddfaa979c294fd6b99c9c6c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
ExitProcess
FileTimeToLocalFileTime
GetACP
GetCommandLineA
GetDriveTypeA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetVersionExA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedDecrement
LocalFree
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
UnmapViewOfFile

user32

PostQuitMessage
ReleaseCapture
GetMessageA

advapi32

SetSecurityInfoExA
SetNamedSecurityInfoW
RegQueryValueExW
BuildExplicitAccessWithNameA
BuildTrusteeWithObjectsAndNameA
DecryptFileA
GetEffectiveRightsFromAclW
ImpersonateSelf
LookupAccountNameA
LookupAccountNameW
LsaGetQuotasForAccount
LsaLookupPrivilegeValue
RegCreateKeyExW
RegFlushKey

security

QueryContextAttributesA
InitializeSecurityContextW
ImpersonateSecurityContext
EncryptMessage
DeleteSecurityPackageA
ApplyControlToken

olepro32

OleLoadPicture
OleIconToCursor
OleCreatePropertyFrameIndirect
OleCreatePropertyFrame
OleCreatePictureIndirect

oleacc

WindowFromAccessibleObject
GetStateTextW
GetOleaccVersionInfo
CreateStdAccessibleObject
AccessibleObjectFromPoint

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44c23a85ddfaa979c294fd6b99c9c6c8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

security

olepro32

oleacc

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB