094c3f5c60d42bfb05947dc490dd2f8f_JaffaCakes118

General

Target

094c3f5c60d42bfb05947dc490dd2f8f_JaffaCakes118
Size

95KB
MD5

094c3f5c60d42bfb05947dc490dd2f8f
SHA1

ab82187da28e41098e07a4497220cfe4695293b1
SHA256

a73a302eb09f956d788d305ae078b13dad8eaa0f40fb1cc5b3dd561b715ac6c3
SHA512

38b168328712a707c8d5d5d41da7695bf7c68c689069c4b51981fef05856cb4d2eadea2e8ee519c6378197a0f9b024afc02bc23c3ccc458b4f7ce4ed7909c6ed
SSDEEP

1536:3s+jELDvoW0Galy2bG2oPPMvbcjX9MBVonKr:3spLDvh0Gas2qbOqMBuKr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
094c3f5c60d42bfb05947dc490dd2f8f_JaffaCakes118

Files

094c3f5c60d42bfb05947dc490dd2f8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7cfe4a3db127268c63b60e564536ade

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
LoadResource
LockResource
GetStartupInfoA
GetLastError
HeapFree
LoadLibraryA
GetProcAddress
FlushFileBuffers
SetStdHandle
HeapAlloc
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleHandleA
FreeResource
GetCommandLineA
GetVersion
SetFilePointer
CloseHandle
ExitProcess
TerminateProcess
GetCurrentProcess

user32

MessageBoxA
GetActiveWindow
EndDialog
DrawIcon
SetWindowPos
DestroyWindow
PostQuitMessage
BeginPaint
EndPaint
GetSystemMenu
AppendMenuA
SetWindowTextA
GetWindowRect
GetDC
CheckMenuItem
ReleaseDC
DialogBoxParamA
GetDlgItemTextA
SetDlgItemTextA
FindWindowA
SetForegroundWindow
CreateDialogParamA
LoadIconA
SetClassLongA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA

gdi32

GetStockObject

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7cfe4a3db127268c63b60e564536ade

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 1024B - Virtual size: 823B

.data Size: 10KB - Virtual size: 35KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 68KB - Virtual size: 68KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1024B - Virtual size: 823B

.data
Size: 10KB - Virtual size: 35KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 68KB - Virtual size: 68KB