55d09fe6a3b9242194a54bb0be526c30_JaffaCakes118

General

Target

55d09fe6a3b9242194a54bb0be526c30_JaffaCakes118
Size

48KB
MD5

55d09fe6a3b9242194a54bb0be526c30
SHA1

a691b68f5ea8be65d30fda0066cc86e719755a0d
SHA256

25797d5bb63afe6527d1e95e5b370cfb9b0c51093f33584b2ee6e3e1475bd7f7
SHA512

29b1d5019c0b471535e894d418ef165ff2d110b08677959dab3df7681f54c6e4c9ed782c5ee80e67bed9ead74ad42168da2f3f945c90999acba1efe89330de01
SSDEEP

768:xNVEKDJJKNWomSpBahUhF9ceAcDcw0Butgg3dgmN8xx9aEl:9ZsZP8GqbRJButgWYT9aEl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55d09fe6a3b9242194a54bb0be526c30_JaffaCakes118

Files

55d09fe6a3b9242194a54bb0be526c30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b97dc0d6a9b1569b8630e928f87f5f15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyNameTextA
DrawIcon
DefDlgProcA
DrawTextA
SetFocus
GetMessageA
LoadBitmapA
CharToOemA
wsprintfW
MessageBoxW
LoadCursorW
DispatchMessageW
LoadStringA
IsCharLowerW
PeekMessageW
PostMessageW

uxtheme

IsThemeActive
GetThemeFont
GetWindowTheme
GetThemeInt
GetThemeSysSize
GetThemeTextMetrics
SetWindowTheme
CloseThemeData
DrawThemeBackground
OpenThemeData
DrawThemeEdge

kernel32

GetShortPathNameA
GetSystemTime
GetProcessHeap
GetCurrentDirectoryW
SearchPathA
GetLocalTime
WaitForSingleObject
DeviceIoControl
GetTickCount
GetProcAddress
HeapAlloc
TlsGetValue
CreateMutexA
GetModuleHandleW
OpenMutexW
GetLogicalDriveStringsA
CreateWaitableTimerA
GetLocaleInfoW
GetLastError
CreateEventA
SetEnvironmentVariableW
GetEnvironmentVariableA

wtsapi32

WTSOpenServerA
WTSVirtualChannelClose
WTSVirtualChannelRead
WTSLogoffSession
WTSFreeMemory
WTSCloseServer
WTSWaitSystemEvent
WTSEnumerateServersA
WTSEnumerateSessionsA
WTSSendMessageA
WTSVirtualChannelPurgeInput
WTSQuerySessionInformationA
WTSVirtualChannelOpen
WTSEnumerateProcessesA

clbcatq

DowngradeAPL
SetSetupSave

dhcpsapi

DhcpAddServer
DhcpCreateClass

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b97dc0d6a9b1569b8630e928f87f5f15

Headers

File Characteristics

Imports

user32

uxtheme

kernel32

wtsapi32

clbcatq

dhcpsapi

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 18KB