1885ac32164a3c3fb975282fd657af8b_JaffaCakes118

General

Target

1885ac32164a3c3fb975282fd657af8b_JaffaCakes118
Size

33KB
MD5

1885ac32164a3c3fb975282fd657af8b
SHA1

4fa06d53f0fb773eebfb57ec9ce59da866821daf
SHA256

be72468b4c52745c92edfeb0668423da6ff8313237eeb18668913ec7a479ebf0
SHA512

85a7b0f4a85f3e16bec4dc35bce6e289869445f705d817e25029d87998af6b2094fd28b28836990dc5582141cd4c4e50befa989487e243ddfcf3581eba1100ec
SSDEEP

384:Gr9MUfDopREmd3yghuQtmJuLnfGFpm4ZNPq53m6Cjyg/v1PwJA3d7i4C+zrZ1xV4:Kzf01JyrlJUf8pmD+G0gKxydcXFy/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1885ac32164a3c3fb975282fd657af8b_JaffaCakes118

Files

1885ac32164a3c3fb975282fd657af8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ae1b12358d98e51bc0b4ec835cf91b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtMakePermanentObject
RtlDeNormalizeProcessParams
ZwAllocateVirtualMemory
ZwSetEaFile
NtExtendSection
ZwLockRegistryKey

kernel32

GetLocalTime
SetUnhandledExceptionFilter
DuplicateHandle
GetComputerNameA
lstrcmpA
lstrcpynW
HeapCreate
TlsAlloc
OpenMutexW
lstrcpyW
WinExec
FileTimeToDosDateTime
Beep
ExpandEnvironmentStringsA
lstrcmpW
SetCurrentDirectoryA
lstrcpyA
Beep
GetVersion
GetACP
GetProcessHeap
GetFileAttributesA

user32

wsprintfA
GetWindowTextLengthA
SendMessageA
keybd_event
GetDlgItemTextW
SetForegroundWindow
GetDC
LoadCursorW
CreatePopupMenu
MessageBoxIndirectW
GetKeyboardType
GetMenu
GetMenuItemInfoW
SetDlgItemTextW
LoadCursorA
DefWindowProcW

gdi32

GetBitmapBits
TextOutW
CreateFontA
SaveDC
ExtTextOutW

advapi32

RegSaveKeyA
RegOpenKeyW

comdlg32

FindTextA

shell32

FreeIconList

ole32

CoCreateInstance

version

VerFindFileW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ae1b12358d98e51bc0b4ec835cf91b7

Headers

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

advapi32

comdlg32

shell32

ole32

version

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 5KB