17a903fb4b4496b5aa3034246e1d922a_JaffaCakes118

General

Target

17a903fb4b4496b5aa3034246e1d922a_JaffaCakes118
Size

148KB
MD5

17a903fb4b4496b5aa3034246e1d922a
SHA1

753111612a061cd4ada72f7eafba688cc7d34b36
SHA256

7aded8558d971921c9a2e6d4e0b2dca559277df6715960c14559befd7839a2ee
SHA512

1d950b52c3e6f449ed740eac00625e09b56ae02b226c88865bb9dc3d1de9dfe20c0cb222400f022580dd0912d66d735269ef7030ac9b2459bb1d00789cbecaaf
SSDEEP

3072:KUeqXx3rLFPIavpTvEvGVKZDjC+kVe/fVR3DBgP8:KEZtHTvMGOfnkWVVlg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a903fb4b4496b5aa3034246e1d922a_JaffaCakes118

Files

17a903fb4b4496b5aa3034246e1d922a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8162d33c60a05e81533ad882fc47ad1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrlenW
ExitThread
GetACP
IsBadReadPtr
GetLastError
GetCommandLineA
GetModuleHandleA
ExitProcess
LoadLibraryA
LocalAlloc
VirtualAlloc

comdlg32

GetFileTitleA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

user32

CharNextA
CreateIcon
CharNextW
DestroyWindow
CallWindowProcA
DrawEdge
CloseClipboard
CharLowerA
CharUpperBuffA
DrawFrameControl
CreatePopupMenu
DefFrameProcA
ChildWindowFromPoint
CharLowerBuffA
DestroyMenu
CreateMenu
DestroyCursor
DefWindowProcA
DeleteMenu
DestroyIcon
AdjustWindowRectEx
DrawIcon
DefMDIChildProcA
DispatchMessageA
DispatchMessageW
ClientToScreen
BeginPaint
CheckMenuItem
CallNextHookEx
CharToOemA

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8162d33c60a05e81533ad882fc47ad1f

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.bss Size: 4KB - Virtual size: 1KB

.gdata Size: 8KB - Virtual size: 6KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.bss
Size: 4KB - Virtual size: 1KB

.gdata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 12KB - Virtual size: 8KB