JaffaCakes118_8bdd9c4dbfa9bd715bac971000445b50

General

Target

JaffaCakes118_8bdd9c4dbfa9bd715bac971000445b50
Size

98KB
MD5

8bdd9c4dbfa9bd715bac971000445b50
SHA1

95bb2e6154c84acb45bd1eca4582ab69ab2c9e90
SHA256

fd417791a0674386a66e51560952deeb8abab466bcf21a4c6282e2f644b7bd03
SHA512

408d79e29a396193d08d922f1d8aab94182ca36f4291f4494b597828c27302ff622b7f1081e5658ecfc8738b7017ede83ce2ecbf4cc0a8422beb797056504a9d
SSDEEP

3072:jlGCqxKxZF5RiR29hs1f19f/D+nJZHPgY:jkBxem2sd19fSnf4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8bdd9c4dbfa9bd715bac971000445b50

Files

JaffaCakes118_8bdd9c4dbfa9bd715bac971000445b50
.exe windows:4 windows x86 arch:x86

4b9d9285b548566e5d66d828a052b7b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenSCManagerW
OpenProcessToken
GetSidSubAuthority
RegCreateKeyExW
RegOpenKeyExW
QueryServiceConfigW
RegDeleteValueW
RegSetValueExW
RegOpenKeyW
QueryServiceStatus

ulib

??0MULTIPLE_PATH_ARGUMENT@@QAE@XZ
?QueryScreenSize@SCREEN@@QBEXPAG000@Z
?QueryChCount@BSTRING@@QBEKXZ
??0PRINT_STREAM@@QAE@XZ
?MoveCursorTo@SCREEN@@QAEEGG@Z
??1BYTE_STREAM@@UAE@XZ
??1HMEM@@UAE@XZ
?Strspn@WSTRING@@QBEKPBV1@K@Z
??0MESSAGE@@QAE@XZ
??0STRING_ARRAY@@QAE@XZ
?Resize@HMEM@@QAEEKK@Z
?Display@MESSAGE@@QAAEPBDZZ
?Acquire@HMEM@@UAEPAXKK@Z

gdi32

GetBkColor
DeleteObject
SaveDC
ExtTextOutW
BitBlt
SetTextAlign
SelectClipRgn
DeleteDC

ole32

OleRun
OleMetafilePictFromIconAndLabel
OleRegEnumVerbs
CoAddRefServerProcess
CoRegisterMessageFilter
CoSuspendClassObjects
CoDisconnectObject
OleRegGetMiscStatus

user32

DispatchMessageW
GetCursorPos
MoveWindow
DialogBoxParamW
GetWindowLongW
SetMenuItemBitmaps
GetSysColor

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wrdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4b9d9285b548566e5d66d828a052b7b6

Headers

File Characteristics

Imports

advapi32

ulib

gdi32

ole32

user32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 968B

.wrdata Size: 72KB - Virtual size: 72KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 968B

.wrdata
Size: 72KB - Virtual size: 72KB