06561d8ce53148210778e23525874469_JaffaCakes118

General

Target

06561d8ce53148210778e23525874469_JaffaCakes118
Size

56KB
MD5

06561d8ce53148210778e23525874469
SHA1

ff189f59b1fb7cf6aedfbdf74f81564ae51ab07f
SHA256

ac737ae4d6ecbbab1940117841c3022a23b0af380fb19cc48c3a967479189185
SHA512

9e9b5fb2371e6d2642dbeaff84f3f60b52512e2c60a02044e7d83d2288bd388b53bd9915c427215d2f6fb82d9c71d4ac1db197c748d2e0be6f7b31cc55dc4945
SSDEEP

1536:yclLCs094PpFOKrugDVIbsCI8pm4P8WiGB:yQSgnDruk2bsCI8p/8Wb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06561d8ce53148210778e23525874469_JaffaCakes118

Files

06561d8ce53148210778e23525874469_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ecaaf1efe5fb58f0aad2bac3f7f4c56b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetLastError
WaitForSingleObject
GetModuleHandleW
GlobalDeleteAtom
FreeResource
SetCurrentDirectoryW
GetSystemTime
GetProcAddress
FreeLibrary
lstrlenW
GetCurrentThread
LoadLibraryA
FindClose
GetCurrentThreadId
WritePrivateProfileStringW
SizeofResource
SetWaitableTimer
LoadResource
GlobalAlloc
CreateFileW
ResumeThread
GlobalAddAtomW
GetCurrentProcess
DeleteFileW
GetFileSize
GetModuleFileNameW
CreateThread
TerminateThread
DuplicateHandle
LockResource

user32

OffsetRect
ReleaseDC
UpdateWindow
PostThreadMessageW
DrawTextW
SetForegroundWindow
PostMessageW
LoadCursorW
IsWindow
SetLayeredWindowAttributes
TranslateMessage
SendDlgItemMessageW
RegisterHotKey
DefWindowProcW
GetCursorPos
EndDialog
ReleaseCapture
SystemParametersInfoW

gdi32

SetBkColor
SelectObject
CreateRoundRectRgn
GetClipBox
CreateICW
CreateBitmap
SetDIBits
GetMapMode
GetStockObject
GetObjectW
CreateFontIndirectW
LineTo

advapi32

InitializeSecurityDescriptor
StartServiceW
SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
RegCloseKey

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ecaaf1efe5fb58f0aad2bac3f7f4c56b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB