150363ffe29e4d3ac9b874c640a85d23_JaffaCakes118

General

Target

150363ffe29e4d3ac9b874c640a85d23_JaffaCakes118
Size

593KB
MD5

150363ffe29e4d3ac9b874c640a85d23
SHA1

4f1fbb29ad11093d13e710ec0961b9cf5ee1cf35
SHA256

9facdafeab6a4fcbb19e40fbd9d1a41db7f7b62f0e147cb6202229e0c3d15f68
SHA512

ae5a2dbf139df4aa2f1a6f87f0481b1a8fd649634c3aef61e2039bbc073096a4c74c070dd6e488e1c90994c00b6aeefebdbdc8598f693154ffaf46a72b316b76
SSDEEP

6144:UKPsCyT8KPsChySQoLnrA6JTzAQHTLVXCTyOe5mUjaw6:UKPsC88KPsChySQoLnrRzLVDHmAH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150363ffe29e4d3ac9b874c640a85d23_JaffaCakes118

Files

150363ffe29e4d3ac9b874c640a85d23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9343ecfc81e057180b474b0310fdb7d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
RtlZeroMemory
SetLastError
SizeofResource
Process32First
WriteFile
WriteProcessMemory
lstrcmpiA
lstrlenA
OpenProcess
MulDiv
LockResource
LoadResource
GlobalAlloc
GetTickCount
GetTempPathA
GetTempFileNameA
GetProcAddress
GetModuleHandleA
FreeResource
FindResourceA
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateRemoteThread
CreateFileA
VirtualAllocEx
CloseHandle

user32

SetWindowTextA
SetTimer
SetDlgItemTextA
SendMessageA
SendDlgItemMessageA
ReleaseDC
OffsetRect
MessageBoxA
LoadIconA
GetDlgItemTextA
GetDC
GetClientRect
GetAsyncKeyState
GetActiveWindow
FillRect
EndDialog
EnableWindow
DrawTextA
DialogBoxParamA
GetDlgItem

gdi32

SetBkMode
SetTextColor
DeleteDC
SetBkColor
CreateFontA
BitBlt
CreateBrushIndirect
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
CreatePatternBrush
CreateDIBSection
CreateCompatibleDC
DeleteObject

oleaut32

OleLoadPicture

ole32

CreateStreamOnHGlobal
CoTaskMemAlloc

comctl32

InitCommonControls

shell32

ShellExecuteA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 529KB - Virtual size: 529KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9343ecfc81e057180b474b0310fdb7d1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

ole32

comctl32

shell32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 54KB - Virtual size: 94KB

.rsrc Size: 529KB - Virtual size: 529KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 54KB - Virtual size: 94KB

.rsrc
Size: 529KB - Virtual size: 529KB