16176c9031ecc228e42d5084e01308d4_JaffaCakes118

General

Target

16176c9031ecc228e42d5084e01308d4_JaffaCakes118
Size

31KB
MD5

16176c9031ecc228e42d5084e01308d4
SHA1

a5e155be72a4f3a7da3815905d81d356bbb5319f
SHA256

d05fcda7c131e258f700fa3550ed3121a04419df964d367db19ee76fad318169
SHA512

e7a4f90ba4f3049009da0f91338a1fabc79e7cf9198e8bd24f4a10e59a1e63f16fba490adc6d9a0bb95a3c125518db65f4d206a32e8b99ffca63afe602626902
SSDEEP

384:nWl4EvQ88+DaoGtBmIw6wcuPFYE3AH9/obTyRzBMHYfTnQV6hzfmy1ke:mR8+DavDHwV/FYEqAU9iOJ8Ve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16176c9031ecc228e42d5084e01308d4_JaffaCakes118

Files

16176c9031ecc228e42d5084e01308d4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b519d68a10e4cd118f4cb5f5a1b0c435

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
HeapFree
LCMapStringA
Module32Next
GetLocaleInfoA
GetACP
GetModuleHandleA
ResetEvent
HeapSize
GetFileAttributesA
LocalAlloc
GetStartupInfoA
FileTimeToSystemTime
GetSystemInfo
IsValidCodePage
InitializeCriticalSection
GetTimeFormatA
CreateFileA
GetCurrentProcessId
GetEnvironmentStringsW
GetCPInfo
SetErrorMode
lstrcpynA
GetCurrentProcess
EnterCriticalSection
DuplicateHandle
GetLastError
IsBadStringPtrA
GetCommandLineW
GetStdHandle
LoadResource
GetTickCount
ExpandEnvironmentStringsA
LockResource
ExitThread
SetEndOfFile
GetDriveTypeA
VirtualFree
GetProcessAffinityMask

user32

ReleaseDC
PtInRect
IsWindowVisible
GetWindowThreadProcessId
CreateDialogParamA
GetFocus
SendMessageA
CreateWindowExA
DeleteMenu
OpenClipboard
GetSysColor
GetWindow
EndDeferWindowPos
FillRect
TrackPopupMenu
LoadCursorA
GetWindowRect
GetParent
GetDoubleClickTime
GetWindowTextA
GetSubMenu
DialogBoxParamA
RemoveMenu
FindWindowExA
DrawTextA
SystemParametersInfoA
LoadStringA
LoadImageA
DefWindowProcA
InsertMenuA
LoadAcceleratorsA
DispatchMessageA

msvcrt

_acmdln
_adjust_fdiv
_except_handler3
__p__fmode
__set_app_type
memcpy
__getmainargs
_exit
_initterm
__p__commode
_controlfp
exit
__setusermatherr
_XcptFilter

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b519d68a10e4cd118f4cb5f5a1b0c435

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 85B

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 85B

.rsrc
Size: 512B - Virtual size: 164B