3995b3899c8194b5994dae21ec05dc29_JaffaCakes118

General

Target

3995b3899c8194b5994dae21ec05dc29_JaffaCakes118
Size

661KB
MD5

3995b3899c8194b5994dae21ec05dc29
SHA1

c57d4607b6b554eeed408280c8774d2f11810545
SHA256

29e040545d87b78952867316216099e4bdea944634e190e5029ead282303beb5
SHA512

da4cc4a914dca03733154cca3e47033e40380b819a2d00ef54829deaa11e1207631c2e2a81ae32fc6e1b2393591e79a6271b8226316b509c8e1c155f3a7bacc8
SSDEEP

12288:luriHHbRBt91s+zrTvsxoz15D0Gi/LR9VOAYf3DSJ7njwbpTyXQ5:2iHHbZssrTvv5D0P/OAScspTyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3995b3899c8194b5994dae21ec05dc29_JaffaCakes118

Files

3995b3899c8194b5994dae21ec05dc29_JaffaCakes118
.exe windows:6 windows x86 arch:x86

d1d213ce6518eda6ed70a06e1be5999e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
IsProcessorFeaturePresent
DefineDosDeviceA

mpr

WNetCancelConnection2A

comctl32

InitCommonControlsEx

user32

ShowWindow
DefWindowProcW
GetClientRect
ReleaseDC
GetMessageW
DrawTextW
GetForegroundWindow
SetCapture
LoadBitmapW
FrameRect
GetWindowRect
DrawMenuBar
IsZoomed
WaitMessage
GetDlgItemTextW
InvertRect
BeginPaint
PeekMessageW
EnableMenuItem
CheckRadioButton
GetSystemMetrics
LoadCursorW
UnionRect
UpdateWindow
IntersectRect
EndPaint
CreateWindowExW
MoveWindow
InvalidateRect
LoadAcceleratorsW
SetRect
EndDialog
GetSubMenu
DestroyWindow
IsDlgButtonChecked
CheckDlgButton
wsprintfW
ReleaseCapture
DialogBoxParamW
OffsetRect
GetDC
SetDlgItemTextW
WinHelpW
GetWindowPlacement
SendMessageW
RegisterClassW
GetDesktopWindow
TranslateAcceleratorW
PostMessageW
DispatchMessageW
PtInRect
FillRect
GetDlgItem
MessageBoxW
LoadIconW
GetMenu

iphlpapi

GetIpAddrTable

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1d213ce6518eda6ed70a06e1be5999e

Headers

File Characteristics

Imports

kernel32

mpr

comctl32

user32

iphlpapi

Sections

.text Size: 248KB - Virtual size: 247KB

.data Size: 205KB - Virtual size: 937KB

.rdata Size: 25KB - Virtual size: 25KB

.rsrc Size: 181KB - Virtual size: 181KB

.text
Size: 248KB - Virtual size: 247KB

.data
Size: 205KB - Virtual size: 937KB

.rdata
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 181KB - Virtual size: 181KB