156a759e4da0f646294381f88b367e3b_JaffaCakes118

General

Target

156a759e4da0f646294381f88b367e3b_JaffaCakes118
Size

40KB
MD5

156a759e4da0f646294381f88b367e3b
SHA1

db1b83272fa6a1f89d4621cd95406e21a575ffed
SHA256

bdb24ee4894474768ffcd903158504983185e3ab3c9a16700b5394da845cc170
SHA512

5dd21e624f9878e06c5ca7a6e2f8565681b317e0276b7317733d926f6b8bf2a1e5e0772035c7c3b45baf999e83a5ed938118c0a424e1dc3ea7f9aa3c667b2129
SSDEEP

768:hX7UMll6SYa/SKM3gUe+ASCR234VW14IaPLZTTQFRo438cU22xS:hXoMv6SH/SgoGlXe8ckxS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
156a759e4da0f646294381f88b367e3b_JaffaCakes118

Files

156a759e4da0f646294381f88b367e3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61628e4a849b5486e7a34849ff2ea6b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
IsValidCodePage
GetSystemDefaultUILanguage
QueueUserAPC
CreateWaitableTimerA
ConvertDefaultLocale
LoadLibraryA
GetModuleHandleA
DeleteFileA
FindAtomA
lstrcatW
GetProfileIntW
GetMailslotInfo
GetDateFormatW
TlsAlloc
SetEnvironmentVariableW
GetCalendarInfoA
TlsSetValue
IsBadStringPtrW
GetModuleFileNameW
GetComputerNameExA
GetShortPathNameA
GetSystemTime
GetLocalTime
_lopen
VirtualAlloc
GetFileAttributesExW
lstrcpy
GetCurrencyFormatA

user32

LoadStringW
TranslateMessageEx
GetDlgItemTextW
DefWindowProcW
SetWindowTextA
GetDlgItemInt
SendDlgItemMessageW
GetDesktopWindow
GetParent
SetDlgItemTextW
ShowWindow
GetSysColor
wsprintfA
SendDlgItemMessageA
wsprintfW
GetDC
TranslateMessage
CharPrevExA
SetForegroundWindow
PeekMessageW
PostMessageA
DispatchMessageA
MessageBoxA
ReleaseDC
PostMessageW
LoadIconW
PostQuitMessage
LoadIconW
CreateWindowExA
CharNextExA
SendMessageW
DialogBoxParamW
BeginPaint
CharNextW
DispatchMessageW
GetClientRect
SetDlgItemInt
IsCharLowerA

gdi32

OffsetWindowOrgEx

advapi32

RegEnumKeyExW

shell32

StrStrIW
StrRStrIW
ExtractIconResInfoA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61628e4a849b5486e7a34849ff2ea6b2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB