256060a33f719cb1f64ab21f6fa60f52_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

256060a33f719cb1f64ab21f6fa60f52_JaffaCakes118
Size

451KB
MD5

256060a33f719cb1f64ab21f6fa60f52
SHA1

93605b26b34a68ec3921071e3d4c68603f4aba76
SHA256

440f3cc0628a4099acf4d5abd48be221d7ba530c17db0981deb29c56941c245f
SHA512

4b3bd91f97c5d521190f667d481acc42429d4dbf09445458dcc7336581b23d1fca22db7948e661ae9842d8c7d9a2e2041c7a165fe1ed03779de84ece58496bd6
SSDEEP

12288:9HNYBglvFkkul88/B3deUEKhhRSUfbltcCc1lP6f:9HiKlvFNuC8/xf8U5vc1l6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
256060a33f719cb1f64ab21f6fa60f52_JaffaCakes118

Files

256060a33f719cb1f64ab21f6fa60f52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf86662eb4419c3ba522d89a19b79340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
GetCurrentThreadId
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
EnumResourceNamesA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
ReadFile
GetFileSize
MoveFileA
GetShortPathNameA
GetWindowsDirectoryA
SetLastError
GetModuleFileNameA
lstrcmpiA
FreeLibrary
LoadLibraryA
lstrcpyA
lstrlenA
lstrcatA
lstrlenW
WideCharToMultiByte
GetModuleHandleA
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
SetFileAttributesA
CreateFileA
WriteFile
CloseHandle
HeapAlloc
DeleteFileA

user32

SetWindowTextA
GetSystemMetrics
EndDeferWindowPos
DeferWindowPos
ScreenToClient
BeginDeferWindowPos
PostMessageA
CharNextA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
GetSysColor
LoadStringA
GetClientRect
GetDC
LoadCursorA
SetCursor
SetWindowLongA
GetWindowTextA
wsprintfA
EndDialog
SetTimer
InvalidateRect
UpdateWindow
DefWindowProcA
RedrawWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
KillTimer
ReleaseDC
DialogBoxParamA
LoadImageA
SendMessageA

gdi32

GetDeviceCaps
CreateHalftonePalette
UpdateColors
SetTextColor
CreateFontIndirectA
CreateCompatibleDC
RealizePalette
GetObjectA
SelectObject
DeleteObject
BitBlt
DeleteDC
SelectPalette

advapi32

RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantClear

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf86662eb4419c3ba522d89a19b79340

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB