f6a9c197ba3de4dfa1e694da8cbf1f3a_JaffaCakes118

General

Target

f6a9c197ba3de4dfa1e694da8cbf1f3a_JaffaCakes118
Size

162KB
MD5

f6a9c197ba3de4dfa1e694da8cbf1f3a
SHA1

0497f4a4bffeca0cdf51170ec1a8ff9cb1ee6f97
SHA256

42d45a4238f81bf28496a1ad88fe3bf6df387f04be0319d226a6829d030f5a9b
SHA512

63726290a182348f988d347b819f271878b55cca2b05aae5e2425ba312c84e80a7ac2eaa788168b73595da717c1211759c5e53d0857cdfba4007d7c3bddafaff
SSDEEP

3072:/7VtabFxJiVIgLHEp+fJxww7ht4qNtZh3CQsHGf5cwBCKDKzfQtTnDtB:jVQReNLHxDh2+r34HlwvezfAnx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6a9c197ba3de4dfa1e694da8cbf1f3a_JaffaCakes118

Files

f6a9c197ba3de4dfa1e694da8cbf1f3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

508ec85ce3cf781b19009a07a24d6d17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

TranslateMessage
PostThreadMessageW
CharUpperW
CharNextW
UpdateWindow
GetMessageW
SetTimer
DispatchMessageW
GetDC
KillTimer
wsprintfW
UnregisterClassA

kernel32

GlobalAlloc
lstrlenW
FillConsoleOutputCharacterA
InitializeCriticalSection
GetProcessWorkingSetSize
WideCharToMultiByte
CreateFileMappingW
OutputDebugStringW
GlobalFree
lstrcpyW
GetCPInfo
GetACP
FindClose
EnumResourceNamesA
LockResource
lstrcmpiW
FreeEnvironmentStringsW
GetLastError
GetTickCount
MultiByteToWideChar
lstrcpyA
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemAlloc
CoUninitialize
CoRegisterClassObject
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoRevokeClassObject
StringFromCLSID

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

508ec85ce3cf781b19009a07a24d6d17

Headers

File Characteristics

Imports

user32

kernel32

oleacc

advapi32

shlwapi

ole32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 61KB - Virtual size: 61KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 61KB - Virtual size: 61KB

.isete
Size: 1024B - Virtual size: 244KB