Static task: static1
Behavioral task: behavioral1
Sample: 264ca9312ca613b9b4c2aa59212a82f6_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 264ca9312ca613b9b4c2aa59212a82f6_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 264ca9312ca613b9b4c2aa59212a82f6_JaffaCakes118
Size: 56KB
MD5: 264ca9312ca613b9b4c2aa59212a82f6
SHA1: 34e278e05a37d4a5f716549b3186e9fcc6b9aef9
SHA256: 8688a1adaa3ca374add9811be3cd861104199ad92acc94d7ea732ec83c9eac7f
SHA512: 889ea9beae3a5872a2f087ee9c872e85dcf932ab062cc3ff348fc403303bb13aa773ab5b53eb3ad0087754dad9532f978cba323d4ac2645a93d5ca880944458c
SSDEEP: 768:/M0JbGpIg2tP8dJKQClda6GbTGurMhkB/R4GlEjrZUB50vXkI:/M0z5tkDKQCldagy/R48EjrZUTuXkI
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 264ca9312ca613b9b4c2aa59212a82f6_JaffaCakes118
Files
264ca9312ca613b9b4c2aa59212a82f6_JaffaCakes118.exe windows:4 windows x86 arch:x86
60654b1302ef4e7b817350e8993ad7f1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesExW
QueryDosDeviceW
WideCharToMultiByte
SetWaitableTimer
MultiByteToWideChar
ResumeThread
LoadResource
GetPrivateProfileStringW
SizeofResource
GetCurrentProcess
FreeLibrary
TerminateThread
FreeResource
GetVersion
GetFileSize
GetSystemTime
GlobalDeleteAtom
FileTimeToSystemTime
InterlockedIncrement
GetModuleHandleW
LoadLibraryA
SuspendThread
GlobalAddAtomW
LockResource
GetProcAddress
user32
DefWindowProcW
CreateWindowExW
GetCursorPos
GetKeyState
wsprintfW
GetParent
InvalidateRect
GetWindowDC
OffsetRect
RegisterWindowMessageW
IsDlgButtonChecked
EndDialog
PostThreadMessageW
ReleaseCapture
TranslateMessage
EnableWindow
SetWindowPos
GetWindowRect
PostMessageW
GetWindowThreadProcessId
LoadStringW
SystemParametersInfoW
RegisterClassExW
SetWindowTextW
IsWindow
gdi32
CreateRoundRectRgn
CreateCompatibleBitmap
GetMapMode
CreateSolidBrush
SetTextColor
SetBkMode
BitBlt
CreateCompatibleDC
CreateFontIndirectW
DPtoLP
advapi32
GetUserNameW
SetSecurityDescriptorDacl
RegCloseKey
LookupPrivilegeValueW
Sections
.text Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE