JaffaCakes118_c46b97533c3843c5e0b556f41210286a

General

Target

JaffaCakes118_c46b97533c3843c5e0b556f41210286a
Size

347KB
MD5

c46b97533c3843c5e0b556f41210286a
SHA1

ea2a556e20fec45e06aa3c2767fcc9547dd618ad
SHA256

bdf2bf8513e04e442e22f685fe3aee4fb06184ff76ea093db7b562ff92af9a7e
SHA512

a81a01a39df59003a772cfc81c6ba493d79e1e679888f264240ccb3d4afdfe5039707f22c38f19df00d1e097e5139d1da650455f752f6ead83030d2d611b71a0
SSDEEP

6144:rrJvqBcIH5XcisNB0JKAjPcaFKuxuGObkr8Tu9hHbfQ5:rRqaIH5XGNWJKaPDKRGObk4Tu9Z45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c46b97533c3843c5e0b556f41210286a

Files

JaffaCakes118_c46b97533c3843c5e0b556f41210286a
.exe windows:5 windows x86 arch:x86

72bb7edd8b8d57c3e166f1be3766f481

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

GetUserProfileDirectoryW

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExW

psapi

GetProcessMemoryInfo

ole32

CoInitializeEx
CoTaskMemFree
StgCreateStorageEx
StgOpenStorageEx
CoCreateInstance
CoInitialize
CoUninitialize

kernel32

FindClose
UnhandledExceptionFilter
IsDebuggerPresent
ReleaseSemaphore
ResumeThread
LeaveCriticalSection
CloseHandle
FreeLibrary
GetFileSize
GetShortPathNameW
VirtualProtectEx
EnterCriticalSection
GetExitCodeThread
GetDriveTypeW
CreateThread
ReadProcessMemory
GetSystemTimeAsFileTime
WaitForSingleObject
FindFirstFileW
SetThreadPriority
SystemTimeToFileTime
OpenProcess
FindNextFileW
SetUnhandledExceptionFilter
CreateFileW
GetSystemTime
DeleteCriticalSection
GetCurrentThreadId
GetACP
CreateDirectoryW
CreateSemaphoreA
VirtualAllocEx

atmlib

ATMFinish
ATMGetNtmFields
ATMClient
ATMGetGlyphListA
ATMBeginFontChange
ATMGetPostScriptNameA
ATMEndFontChange
ATMEnumFonts
ATMGetBuildStrW
ATMEnumFontsA
ATMMakePFMA
ATMGetGlyphListW

kbdit

KbdLayerDescriptor

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72bb7edd8b8d57c3e166f1be3766f481

Headers

File Characteristics

Imports

userenv

advapi32

psapi

ole32

kernel32

atmlib

kbdit

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 323KB - Virtual size: 1.8MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 323KB - Virtual size: 1.8MB

.rsrc
Size: 3KB - Virtual size: 2KB