03e7153aaae89d61596fd015a2b5b2c9_JaffaCakes118

General

Target

03e7153aaae89d61596fd015a2b5b2c9_JaffaCakes118
Size

377KB
MD5

03e7153aaae89d61596fd015a2b5b2c9
SHA1

d7408ed7990a6e21b6c3a1078e9d85b9a1a0ca97
SHA256

906eb53f6a8a45f5fb9e96c345b0bd0a78a922eca05fb3ce7970a5ae1dc4a6ca
SHA512

23231781e744b40c698188ac63d2a7500a85fe8e3edeeafc245dac152941b533021517e937549d31066ca66d22c19e9356c4589bd086dd3f8f74e576c36c70a8
SSDEEP

6144:NWxoeC1/vJ1cWcl8bVe9zAavtGXHPsoGu+8H8VyStSYnmoTqSZpUxUuc4TgUnJWl:NGC1HDcWcWbWHE5RZ9JoTqSvoc4TgUnY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03e7153aaae89d61596fd015a2b5b2c9_JaffaCakes118

Files

03e7153aaae89d61596fd015a2b5b2c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbaa2022ae6e35dcf26e57ecc4d375f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
ExitThread
GetProfileIntW
GetPrivateProfileSectionNamesA
QueryPerformanceCounter
SetComputerNameW
HeapAlloc
LoadLibraryA
GetPrivateProfileStructA
ExitProcess
lstrcpyn
OpenWaitableTimerA
GetFullPathNameW
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
OpenProcess
GetModuleHandleA
EnumDateFormatsW
CopyFileA
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
CreateFileA
GetCurrentThreadId
VirtualAlloc
MoveFileW
GetProcAddress
OpenSemaphoreA
GetCurrentProcess
HeapFree
WriteConsoleOutputCharacterA
GetACP
lstrcmpiA
GetCurrentProcessId

comdlg32

FindTextA
GetFileTitleW
LoadAlterBitmap
GetSaveFileNameA
ReplaceTextW
GetFileTitleA
ChooseColorW
GetOpenFileNameA
PrintDlgA
PrintDlgW
PageSetupDlgA
PageSetupDlgW
ChooseFontW

user32

SetLastErrorEx
HideCaret
GetDlgItemInt
IsCharAlphaA
GetScrollPos
PostQuitMessage
ReleaseDC
MapVirtualKeyW
GetDlgCtrlID
FindWindowExA
GetIconInfo
GetSystemMetrics
SetPropA
GetWindowDC
GetClassLongW
SetUserObjectInformationW
GetMenuDefaultItem
MapVirtualKeyExA
DrawTextA
UnhookWindowsHookEx
PeekMessageA
SetTimer
MessageBoxIndirectW

advapi32

CryptSetProvParam

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbaa2022ae6e35dcf26e57ecc4d375f2

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

advapi32

Sections

.text Size: 106KB - Virtual size: 106KB

.data Size: 264KB - Virtual size: 264KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 106KB - Virtual size: 106KB

.data
Size: 264KB - Virtual size: 264KB

.rsrc
Size: 5KB - Virtual size: 5KB