09b37bdadd9333e83c75d541f5918f1c_JaffaCakes118

General

Target

09b37bdadd9333e83c75d541f5918f1c_JaffaCakes118
Size

123KB
MD5

09b37bdadd9333e83c75d541f5918f1c
SHA1

fc67d46454c18cb1b347167ffcd4bf0802d4499a
SHA256

238474a6849e58d1afbbba58a0ace99658bb8215981ea91786cf471f60426c5a
SHA512

7ba973808cf91a09bc068e2813d03f9d438398c71ee57bb19003f1aa776afd0cc8b6089190a4378b46ef7d220d5d9362e479290c49a2c8da08c7f91e4591637f
SSDEEP

3072:UCjAWZZeimww4uc72ZIVu/JMLcllXw5Ee6PGva:VjXZZdJw5JZ6LcAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uaa.exe

Files

09b37bdadd9333e83c75d541f5918f1c_JaffaCakes118
.gz
uaa.exe
.exe windows:4 windows x86 arch:x86

d9b4e1854635d7e0567505eebace9d69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetUserDefaultLangID
CompareStringW
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
HeapReAlloc
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetProcAddress
GetCommandLineA
VirtualAlloc
lstrcatA
CloseHandle
GetThreadLocale
CompareStringA
MulDiv
GetFileType
SetEnvironmentVariableA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle

user32

SetCursorPos
SetFocus
FindWindowA
CreatePopupMenu
GetSubMenu
InsertMenuItemA
OpenClipboard
EmptyClipboard
SetRect
DrawCaption
LoadMenuA
GetMenuItemInfoA
MoveWindow
GetDC
IsClipboardFormatAvailable

gdi32

CreateHatchBrush
SelectObject
DeleteObject
GetDeviceCaps
CreateFontA
CreateEllipticRgn
SetBkMode
CreateBrushIndirect

msimg32

AlphaBlend

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9b4e1854635d7e0567505eebace9d69

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 120KB - Virtual size: 119KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 120KB - Virtual size: 119KB