63f020fdd37d5fbbd716dc5e43d8dbae_JaffaCakes118

General

Target

63f020fdd37d5fbbd716dc5e43d8dbae_JaffaCakes118
Size

496KB
MD5

63f020fdd37d5fbbd716dc5e43d8dbae
SHA1

1fb907f9202dee3b00adfe43f41dc4772d8572d1
SHA256

f4ab1818af8ebd8e5b6763243fefa96c86db69c62f00cb564198ff6149a4e10b
SHA512

5af616252f2a6fd1db1d84804725ad90ec28ae113ee2f5c10d5c6529a10a119f45a10621c93df3f10497d014c2e9a2474e551cfd2080bbd16ecc74a97d11ef31
SSDEEP

12288:545fonA3GvLnRJAGhfXt+bulIzxbss7fLOR:5A+rFXtMXGzR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
63f020fdd37d5fbbd716dc5e43d8dbae_JaffaCakes118

Files

63f020fdd37d5fbbd716dc5e43d8dbae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11d08b4a3eed579808ff2f1a8b705d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint
PostQuitMessage
LoadStringA
SetFocus
MessageBoxA
DefWindowProcA
DestroyWindow
CreateWindowExA
LoadIconA
SendMessageA
ShowWindow
UpdateWindow
LoadCursorW
LoadBitmapW
InvalidateRect
ScrollWindow
RemovePropW
RegisterClipboardFormatW
SendDlgItemMessageW
RemoveMenu
ScreenToClient
DrawFocusRect
DrawFrameControl
GetClassNameA

kernel32

WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
HeapFree
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetModuleHandleA
HeapAlloc
VirtualAlloc
GetProcAddress
WideCharToMultiByte
CreateFileA
GetStartupInfoA
lstrlenA
lstrcmpA
lstrcpyA
GetLastError
ExitProcess
LoadLibraryA
lstrcatA
GetCurrentDirectoryA
GetSystemInfo
SetLastError

gdi32

CreateCompatibleDC
TextOutA

comctl32

ord17

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11d08b4a3eed579808ff2f1a8b705d71

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 325KB - Virtual size: 325KB

.rsrc Size: 129KB - Virtual size: 129KB

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 325KB - Virtual size: 325KB

.rsrc
Size: 129KB - Virtual size: 129KB