ede2bf51f73977d8e4f845fc7fbeed5f_JaffaCakes118

General

Target

ede2bf51f73977d8e4f845fc7fbeed5f_JaffaCakes118
Size

182KB
MD5

ede2bf51f73977d8e4f845fc7fbeed5f
SHA1

981ae7f5bbb2429e5f3c77428115b7bbc2f4d69a
SHA256

449585fc596b7edbf0a1d1457a8549ea022cd982da51ce11b3f7ca6a9a083895
SHA512

ce327b4935f5be7b155f0e232ef70f14fcab79a68d567c2b8ad70e5a65f5f549abfbf974ce6b0392735d29c98a97be642d902d7ae382c08cc9c1ad97e35a9f60
SSDEEP

3072:gcZxvg8aGCyU6ufzh6VXL+WT7pWxDg/InX/9EgTqTCqOGmGDDpOWFPPlGMU4i0:gcjIdtfEVXL+S7pwgAX/9xTbf5GfPFPV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ede2bf51f73977d8e4f845fc7fbeed5f_JaffaCakes118

Files

ede2bf51f73977d8e4f845fc7fbeed5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ba655322a6b62c7d3dff9f5b98e2270

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

quartz

AMGetErrorTextW

user32

wvsprintfA
RegisterClassA
LoadStringA
GetMessageA
GetQueueStatus
CreateWindowExA
DispatchMessageA
MonitorFromWindow
RegisterWindowMessageA
PostThreadMessageA
CopyRect
PeekMessageA
MsgWaitForMultipleObjects
wsprintfA
DestroyWindow

shell32

SHGetSpecialFolderPathA

winmm

timeGetTime
timeBeginPeriod
timeGetDevCaps
timeEndPeriod

ole32

CoFreeUnusedLibraries
StringFromCLSID
CoInitialize
GetRunningObjectTable
CreateStreamOnHGlobal
CoUninitialize
CoRevokeClassObject
CLSIDFromString
CoInitializeEx
StringFromGUID2
CreateItemMoniker
CoTaskMemFree
CoCreateInstance
CoRegisterClassObject
CoTaskMemAlloc

advapi32

RegSetValueA
RegCreateKeyExA
RegCreateKeyA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA

kernel32

CreateFiberEx
CloseHandle
InitializeCriticalSection
CreateThread
CreateEventA
ResumeThread
EscapeCommFunction
GetACP
GetSystemTimeAsFileTime
GetVersionExA
EnumResourceNamesA
WaitForSingleObject
FatalExit
SetEvent
LocalFree
DeleteCriticalSection
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ba655322a6b62c7d3dff9f5b98e2270

Headers

File Characteristics

Imports

quartz

user32

shell32

winmm

ole32

advapi32

kernel32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 22KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 22KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 76KB