f3189c71437d18b7e43f1e5cb301a83b_JaffaCakes118

General

Target

f3189c71437d18b7e43f1e5cb301a83b_JaffaCakes118
Size

72KB
MD5

f3189c71437d18b7e43f1e5cb301a83b
SHA1

6dce2c8bd8ce55a71c74238f7132960963b30104
SHA256

28a9d0d6188c21ea09d16d74ea520c77c9c5936bd83c9ad10b36116b54918664
SHA512

5dd12cdd95415ea7c08f87baa498e2647602dfd69e9784b6f2feda338f6e3d30987f16067e78c70e8e43ad24420bd55e2f0a95604b65f94c3def438a54c38bee
SSDEEP

1536:kmuI/sVlNDW+pHe+V2GNXnKe34z9V3Fiwtv4DvMeXl:ki/spDW+5X2Gse349viwtv4zH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3189c71437d18b7e43f1e5cb301a83b_JaffaCakes118

Files

f3189c71437d18b7e43f1e5cb301a83b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9532f8a2cea3be90d21d5113d193859c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetVersion
GetCurrentThreadId
GlobalUnlock
WaitForMultipleObjects
GetProcAddress
WideCharToMultiByte
GetLogicalDrives
FindNextFileW
GlobalDeleteAtom
FindResourceW
SetEvent
SetEndOfFile
MoveFileW
GlobalAddAtomW
MultiByteToWideChar
LoadLibraryW
DuplicateHandle
QueryDosDeviceW
TerminateThread
LoadLibraryA
ResumeThread
lstrcpyW
SuspendThread
GetPrivateProfileStringW
GetUserDefaultLangID
GetFileAttributesW
GlobalLock
FileTimeToSystemTime
GetTickCount

user32

TrackPopupMenu
GetKeyState
RedrawWindow
ReleaseDC
WindowFromPoint
PostMessageW
GetWindowThreadProcessId
GetParent
SystemParametersInfoW
DialogBoxParamW
CreatePopupMenu
SetCursorPos
MessageBoxW
LoadCursorW
wsprintfW
IsWindow
FillRect
SetLayeredWindowAttributes
SetWindowTextW
GetWindowTextW
LoadStringW
UpdateWindow
DrawTextW
TranslateMessage
DestroyMenu

gdi32

SetBkMode
SetMapMode
SetTextColor
Rectangle
DeleteObject
CreateICW
SelectObject
LineTo
CreateSolidBrush

advapi32

GetUserNameW
InitializeSecurityDescriptor
RegCloseKey
LookupPrivilegeValueW
LookupAccountSidW
RegDeleteValueW

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9532f8a2cea3be90d21d5113d193859c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 992B

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 992B