JaffaCakes118_6a71caaa92bc56ab0ac84d5144d9e8c0

General

Target

JaffaCakes118_6a71caaa92bc56ab0ac84d5144d9e8c0
Size

122KB
MD5

6a71caaa92bc56ab0ac84d5144d9e8c0
SHA1

b75ef7763ae6b00e634a7726ea7643ce8530540d
SHA256

c26961e560b0852e74ab846752dadf400180a3a0b806a6ac9091ef4ff443d3fe
SHA512

a47f8fbd8f61de2b883d7068c34f7fb00ed8bd32c44749553c05bcc7273a327df84c778a89c1722471b07ae3f137f56fd2ed8d3f1f961583b28e5e810c780afb
SSDEEP

3072:kXaXZykCwFOhhiz0zaBypQpszCRbFqO/zDaZB:q7kCwsiuaBDOCbFd/zu3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6a71caaa92bc56ab0ac84d5144d9e8c0

Files

JaffaCakes118_6a71caaa92bc56ab0ac84d5144d9e8c0
.exe windows:5 windows x86 arch:x86

51b0dc7e437e02b91d55de7e230a86f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
GetDriveTypeA
FindAtomW
ReadConsoleA
GetStringTypeW
DeleteFileW
lstrlenA
CloseHandle
Sleep
TlsGetValue
ReleaseMutex
VirtualProtectEx
PulseEvent
LoadLibraryW
ReadConsoleA
HeapSize
SearchPathA
GetLogicalDrives
GetStartupInfoA
ReadConsoleA
GetPrivateProfileSectionA

uxtheme

GetThemeSysSize
GetThemeTextExtent
GetThemeColor
OpenThemeData
CloseThemeData
DrawThemeBackground
DrawThemeEdge
IsThemeActive
GetThemeTextMetrics
SetWindowTheme
GetWindowTheme
GetThemeBool
CloseThemeData

gpedit

BrowseForGPO
ExportRSoPData
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51b0dc7e437e02b91d55de7e230a86f3

Headers

File Characteristics

Imports

kernel32

uxtheme

gpedit

Sections

.text Size: 1024B - Virtual size: 1024B

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 320B

.rsrc Size: 114KB - Virtual size: 114KB

.import Size: 512B - Virtual size: 289B

.orpc Size: 512B - Virtual size: 136B

.text
Size: 1024B - Virtual size: 1024B

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 320B

.rsrc
Size: 114KB - Virtual size: 114KB

.import
Size: 512B - Virtual size: 289B

.orpc
Size: 512B - Virtual size: 136B