16dfbdf9b747088ca3b4641dec8e5b99_JaffaCakes118

General

Target

16dfbdf9b747088ca3b4641dec8e5b99_JaffaCakes118
Size

52KB
MD5

16dfbdf9b747088ca3b4641dec8e5b99
SHA1

032363c0647000eda5f51f7ee9445c760ce237e1
SHA256

e971547481f2ba7d7cfafd541152abc84f370cf539bc95bcae8c72e4082c067b
SHA512

ea39d15df247c131b07b9979b54ae555e0a89fd0962934629168a03fa2751b49da0ec27f8e94b929d93c4111bc01ad489f656d37edcaf36efa1e5d96393c43ab
SSDEEP

768:blmUxOVqPjhqocq4gHEczoS2GUIk18W+Sn2h0mMYdp8g7wA4+QqoYS/hZEDz:blGMYQfHEcI7l8umbpn7wA4VqcEDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16dfbdf9b747088ca3b4641dec8e5b99_JaffaCakes118

Files

16dfbdf9b747088ca3b4641dec8e5b99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94095509bc10fa3b205979b40d51a85f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationW
ResumeThread
WaitForMultipleObjects
DuplicateHandle
SetLastError
GetFileAttributesExW
SetFilePointer
GetCurrentProcessId
GetUserDefaultLangID
FindResourceW
VirtualAlloc
FindResourceExW
lstrcpyW
GetFileAttributesW
CreateEventW
LoadLibraryA
GetCurrentThread
GetTickCount
LoadResource
GetProcAddress
GetLogicalDrives
GetModuleHandleW
ResetEvent
GetCurrentProcess
InterlockedIncrement
CreateProcessW
FreeLibrary

user32

GetWindowThreadProcessId
SetForegroundWindow
GetClassNameW
GetWindowDC
SetCursorPos
SetWindowTextW
GetMessageW
EnableWindow
SystemParametersInfoW
PostThreadMessageW
SetCursor
RegisterHotKey
IsWindow
SetLayeredWindowAttributes
ReleaseDC

gdi32

DeleteDC
BitBlt
GetObjectW
CreateICW
DPtoLP
GetClipBox
Rectangle
SetDIBits
GetStockObject
CreateSolidBrush
StretchBlt
GetMapMode

advapi32

RegSetValueExW
RegQueryValueExW
SetSecurityDescriptorDacl

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

94095509bc10fa3b205979b40d51a85f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB