287f5ae774fe5810a591c688bb8076f3_JaffaCakes118

General

Target

287f5ae774fe5810a591c688bb8076f3_JaffaCakes118
Size

64KB
MD5

287f5ae774fe5810a591c688bb8076f3
SHA1

6971937320f8cdd472e4ced0108b0f37160bddf4
SHA256

720f632957e007e44e95247f8cbe65abdc8fc83d779eeabd4a1756124d47f4a8
SHA512

67214a929d82ceefef9ef2ec382197db7e7d7735a7df141a8f92764ec0c0e88cbc010a5ef9db953c792b69d477260ccfb3a1364f13e6c6841160869511cd65bc
SSDEEP

1536:ArELQneDxyzdOVxT7nxiyHUWEElZEwf2hGHx0bWUI0D:MeSOcyHTEEHEwf2Yx01B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
287f5ae774fe5810a591c688bb8076f3_JaffaCakes118

Files

287f5ae774fe5810a591c688bb8076f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c9a8fd4527af36db78cb44010170c50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetDriveTypeW
GetLastError
lstrcpyW
LoadLibraryW
FindClose
FindNextFileW
MultiByteToWideChar
SetEvent
SetWaitableTimer
LoadLibraryA
GetModuleFileNameW
GetFileAttributesExW
GetCurrentThreadId
MulDiv
GetUserDefaultLangID
LockResource
GetCurrentThread
GetVersion
GetProcAddress
VirtualFree
GlobalUnlock
FindResourceExW
TerminateThread
FindResourceW
QueryDosDeviceW

user32

DrawTextW
IsDlgButtonChecked
TrackPopupMenu
SetWindowPos
LoadBitmapW
EndDialog
GetParent
wsprintfW
SetLayeredWindowAttributes
GetClassNameW
TranslateMessage
GetWindowDC
RegisterHotKey
SetDlgItemTextW
FillRect
SystemParametersInfoW
SetCursorPos
GetCursorPos
SetWindowTextW
SendDlgItemMessageW

gdi32

DeleteDC
SetMapMode
CreateCompatibleDC
GetObjectW
MoveToEx
GetClipBox

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExW
LookupPrivilegeValueW
RegQueryValueExW
RegNotifyChangeKeyValue
InitializeSecurityDescriptor
RegDeleteValueW
LookupAccountSidW

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c9a8fd4527af36db78cb44010170c50

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB