09f9f18168fe737b21c771faf5933e71_JaffaCakes118

General

Target

09f9f18168fe737b21c771faf5933e71_JaffaCakes118
Size

92KB
MD5

09f9f18168fe737b21c771faf5933e71
SHA1

2fe9d4b781dcd7d00af2131726b85ed7a5c4975f
SHA256

16d674c63076cdd9f225f0207fbe83d360c5a8eb20234241b4959a02aec30c8d
SHA512

cfeb4ef5875b9c5db893ba09b627f6db180669f2b74ba2a59ea01673ea1560631062bd2456000bb859a5a242a7dd55e2910a76fff1d12eb3bb7d0064d904de52
SSDEEP

1536:BTwDyCPRoBGrveyg7hIwxwtnpTpGVSMWDtbAnkUr:5w3RooF9wEndggNE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09f9f18168fe737b21c771faf5933e71_JaffaCakes118

Files

09f9f18168fe737b21c771faf5933e71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92643a04b3e91cdc6d0139e2f86ecf06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrlenA
TerminateProcess
GetCurrentProcess
GetLastError
GetProcAddress
LoadLibraryA
SwitchToThread
SetThreadPriority
GetCurrentThread
LCMapStringA
SetLastError
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetComputerNameA
GetStringTypeW
GetUserDefaultLangID
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

GetWindowLongA
FindWindowA
GetParent
GetScrollRange
GetThreadDesktop
FlashWindowEx
CreateWindowExA
GetUserObjectInformationA
MessageBoxA
LoadMenuA
GetSubMenu
wsprintfA
GetDC
IsWindow

gdi32

SetTextColor
Escape

comdlg32

FindTextA

msvcrt

_itoa

msimg32

GradientFill

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92643a04b3e91cdc6d0139e2f86ecf06

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

msvcrt

msimg32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 67KB - Virtual size: 66KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 67KB - Virtual size: 66KB