085a4705f387ac3ea9c38a674a8b9139_JaffaCakes118

General

Target

085a4705f387ac3ea9c38a674a8b9139_JaffaCakes118
Size

60KB
MD5

085a4705f387ac3ea9c38a674a8b9139
SHA1

1a45d53b7203cccb7247bdf8394fb84b556fa923
SHA256

f4a5b2f4488b5782a8d218347ee6cb3bc8f418d419a4d3e4dccc9f028b2fd923
SHA512

2969bb56459d68abc6a86e417d466717092429dc2381762fe5686d89ee6a4a4dad75a5133b06ad198054337bcb07d5bc7eedccd4fa3e6527393eec43cb53ae36
SSDEEP

1536:EpfKhWFf9E+AYsKSJLT20VzWDrCAMP8DV4/RI1yWXP:YfKsF1EcsKKnHVzWDrCApq/RbWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
085a4705f387ac3ea9c38a674a8b9139_JaffaCakes118

Files

085a4705f387ac3ea9c38a674a8b9139_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a15ebf3586ab2d33440de8cf6626a47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
SetLastError
QueryDosDeviceW
GetCurrentProcess
WideCharToMultiByte
GetFileSize
MoveFileW
SetCurrentDirectoryW
SizeofResource
GetFileAttributesExW
FindResourceExW
LoadLibraryA
GetProcAddress
FileTimeToSystemTime
GetCurrentProcessId
CreateThread
GetVersion
CloseHandle
CreateFileW
GlobalFree
VirtualAlloc
GetLastError
GetSystemTime
SetEndOfFile
GetUserDefaultLangID
GlobalLock
WaitForMultipleObjects
GetDriveTypeW
GetCurrentThreadId
CreateEventW
FindClose

user32

SetCapture
GetKeyState
wsprintfW
ReleaseCapture
IsWindow
SetCursorPos
GetWindowRect
CreatePopupMenu
EnableWindow
SetCursor
LoadBitmapW
TrackPopupMenu
GetParent
SetWindowPos
SetLayeredWindowAttributes
IsDlgButtonChecked
EndDialog
DispatchMessageW
LoadImageW
VkKeyScanW

gdi32

CreateRoundRectRgn
LineTo
GetMapMode
SetMapMode
SelectObject
GetStockObject
StretchBlt

advapi32

RegNotifyChangeKeyValue
InitializeSecurityDescriptor

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a15ebf3586ab2d33440de8cf6626a47

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB