0363ddc086e6b1f06a3e38499a5969c8_JaffaCakes118

General

Target

0363ddc086e6b1f06a3e38499a5969c8_JaffaCakes118
Size

56KB
MD5

0363ddc086e6b1f06a3e38499a5969c8
SHA1

2cbdc9292716d1bef10bd77e887558faf5f06512
SHA256

ac14c600584d9ecc597f7994bef0f7c8529a99bb23df4c11f887382bee3a5763
SHA512

d950aaf9fa2c62cf05005609766601674efa0bf5f7520e532b175b004c8ffd045074d53d58d1cd861c15da04fbc7f517b1a1c9a5ac2c10e07dd63dc5e0d3feaf
SSDEEP

1536:VvL0peAMcaWemCPS3Hd/Xuma9UOxNYZX:cv3aLmmSXdgbxNYZX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0363ddc086e6b1f06a3e38499a5969c8_JaffaCakes118

Files

0363ddc086e6b1f06a3e38499a5969c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be98102e058aba210890ca49a83c27cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
CreateThread
LockResource
LoadLibraryW
GetFileAttributesExW
CreateWaitableTimerW
FindClose
GetSystemTime
SetEndOfFile
SetEvent
FindResourceExW
InterlockedDecrement
FindFirstFileW
FindResourceW
LoadLibraryA
lstrcpyW
QueryDosDeviceW
LoadResource
ResetEvent
DuplicateHandle
GetLogicalDrives
FreeResource
GlobalAddAtomW
GetProcAddress
MoveFileW
GetModuleFileNameW
CancelWaitableTimer
GetCurrentThreadId
CreateFileW
SetCurrentDirectoryW
ReadProcessMemory

user32

InvalidateRect
GetWindowDC
EndDialog
SetCursorPos
GetWindowThreadProcessId
PostThreadMessageW
GetCursorPos
RedrawWindow
SystemParametersInfoW
DialogBoxParamW
GetWindowRect
LoadImageW
TrackPopupMenu
RegisterClassExW
VkKeyScanW
GetSysColor

gdi32

CreateCompatibleDC
CreateFontIndirectW
StretchBlt
SetTextColor
GetStockObject
SetDIBits
SetBkColor
LineTo
CreateICW
DeleteObject
BitBlt
CreatePen
CreateDCW
CreateBitmap

advapi32

RegQueryValueExW
SetSecurityDescriptorDacl
StartServiceW
RegCloseKey
RegOpenKeyExW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be98102e058aba210890ca49a83c27cc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB