25315d393263ce187894413156ce41d0_JaffaCakes118

General

Target

25315d393263ce187894413156ce41d0_JaffaCakes118
Size

308KB
MD5

25315d393263ce187894413156ce41d0
SHA1

ac9bfd9e9e666af2e249faaf9f743cefb2d51d55
SHA256

530af40f76a22e8c6c80c32466433b5cd310fcd66c0e30f333db9471dabdd4a1
SHA512

eaaffbf65611ed5df2421f859acb35232771a502bb5c4b017f81a67549b95fa5e5aac284ebc47a656e032e4accff4d54e67e922e68d2f793209a509c0d3b3760
SSDEEP

6144:GY5GznIROGRE3CAYy9ePV9eFUkBM1B5q0SKUWhwp7FDTScWn9gE:7en4A3Y9e+kBMLcKvhwdRIn9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25315d393263ce187894413156ce41d0_JaffaCakes118

Files

25315d393263ce187894413156ce41d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a997c78cd1cc688a7f1675ce55fb483

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetDriveTypeW
GetLastError
FindClose
SetCurrentDirectoryW
SetEndOfFile
TerminateThread
FindNextFileW
GetLocalTime
GetFileAttributesW
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
FreeResource
GlobalDeleteAtom
GetCurrentProcess
FindFirstChangeNotificationW
VirtualFree
FileTimeToSystemTime
GetModuleFileNameW
CloseHandle
LockResource
InterlockedDecrement
FreeLibrary
CreateFileW
CreateWaitableTimerW
MulDiv
LoadResource
ExitProcess
GetTickCount

user32

LoadIconW
EnableWindow
SetCapture
GetClassNameW
CreatePopupMenu
IsWindow
PostThreadMessageW
SetDlgItemTextW
EndDialog
GetWindowTextW
SetForegroundWindow
wsprintfW
GetParent
CreateWindowExW
SetCursor
GetMessageW
FillRect
GetWindowRect
GetWindowThreadProcessId
SetCursorPos
ReleaseDC
PostMessageW
WindowFromPoint
DefWindowProcW
PostQuitMessage

gdi32

MoveToEx
GetStockObject
GetMapMode
SetTextColor
CreatePen
CreateCompatibleBitmap
CreateFontIndirectW
SetBkMode
BitBlt

advapi32

RegCloseKey
RegDeleteValueW
GetUserNameW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

shell32

Shell_NotifyIconW

ole32

CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a997c78cd1cc688a7f1675ce55fb483

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 24KB