0baff75ab6e3dd38e5106f6ca698d470_JaffaCakes118

General

Target

0baff75ab6e3dd38e5106f6ca698d470_JaffaCakes118
Size

31KB
MD5

0baff75ab6e3dd38e5106f6ca698d470
SHA1

13e865363140ab0c2d488f773ae25a973d999c50
SHA256

550441a95824f215c63ee58872d85ee44bbfa81888d4cf393da7d3bd4f18969b
SHA512

d944e9db300efb3fd877435386ed96fa03ba194b521f1827eedd444d0493b96359eb9564c880cc80ef43611a4021598bcb29498b9bc0fed2ce97f82b268242a5
SSDEEP

768:zJqiy8FT0D583dR6aUMNIVsXTHJYdQId1Q:zJqiyUYF83KaUMnR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0baff75ab6e3dd38e5106f6ca698d470_JaffaCakes118

Files

0baff75ab6e3dd38e5106f6ca698d470_JaffaCakes118
.exe windows:62191 windows x86 arch:x86

7a16fbfcd1a899a872aaeb4af71368be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetFilePointer
lstrcpyW
EnterCriticalSection
GetProcessHeap
GetModuleHandleW
VirtualAlloc
MultiByteToWideChar
CreateFileW
GetCurrentProcess
HeapReAlloc
LoadLibraryW
SetFilePointer
GetCommandLineA
DeleteCriticalSection
GetCommandLineW
GetCurrentProcessId
GetStartupInfoA
EnterCriticalSection
GetProcAddress
InterlockedDecrement
GetCommandLineA
GetModuleHandleA
VirtualAlloc
VirtualAlloc
LeaveCriticalSection
GetModuleFileNameA
SetEvent
GetTickCount
GetModuleHandleA
HeapAlloc
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
Sleep
SetEvent
InitializeCriticalSection
WaitForSingleObject
InitializeCriticalSection
VirtualFree
GetCommandLineW
lstrcpyW
ExitProcess
InitializeCriticalSection
lstrcpyW
GetCurrentProcess
SetFilePointer
WriteFile
GetProcAddress

user32

EndDialog
GetDC
CharNextW
GetWindowLongW
wsprintfA
RegisterClassW
BeginPaint
GetDesktopWindow
CallWindowProcW
LoadIconW
ScreenToClient
SetTimer
SetRect
SetWindowLongW
GetSubMenu
GetDlgItemTextW
ScreenToClient
MessageBeep
GetMessageW
DefWindowProcW
IsWindowVisible
IsDlgButtonChecked
DrawTextW
PeekMessageW
DestroyWindow
CopyRect
FindWindowW
GetKeyState
GetSubMenu
ReleaseDC
LoadStringW
SetCapture
KillTimer
ScreenToClient
PostMessageW
DestroyWindow
GetWindowLongW
CharNextW
DispatchMessageW
PostQuitMessage
GetMenu

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a16fbfcd1a899a872aaeb4af71368be

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB