28f46f9ce4f21b9ae167fac3d173d79e_JaffaCakes118

General

Target

28f46f9ce4f21b9ae167fac3d173d79e_JaffaCakes118
Size

276KB
MD5

28f46f9ce4f21b9ae167fac3d173d79e
SHA1

a58e9bd4c9947d9d42bf5592cea5f57d7d1a6ee5
SHA256

7a24ec6ccf210ea4e22147b915197a3633ba47d5f9ad35c8bcf696db921678d2
SHA512

6e102b10186d1144c6bc57e433d343c8fe61ccd2d0ae8c95ecf3c58f3ce5b5bcec650777e4407832c5bfdc2683fc547fc773f43d4b3da1701efcbfc8b462141c
SSDEEP

6144:LBRFMAsdIia2BZ2pCc1xI2EIz/B5cO7swnoO2tP:t9PSir1xI2EIz/BqMnoO25

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f46f9ce4f21b9ae167fac3d173d79e_JaffaCakes118

Files

28f46f9ce4f21b9ae167fac3d173d79e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

531457cd2982edd2cc70cfb5365034b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
GlobalUnlock
SetWaitableTimer
GetCurrentThreadId
GetFileAttributesW
FileTimeToSystemTime
CreateEventW
FindNextChangeNotification
DeleteFileW
GetFileSize
GetTickCount
FindFirstFileW
SetThreadPriority
ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
DuplicateHandle
GetPrivateProfileStringW
SetFilePointer
GetSystemTime
FreeResource
ResetEvent
LoadResource
GetUserDefaultLangID
TerminateThread
GlobalAlloc
Sleep
FindClose
FindResourceExW
ResumeThread
MulDiv
GlobalFree
WriteFile

user32

FillRect
TrackPopupMenu
GetMessageW
EndDialog
GetCursorPos
CreatePopupMenu
PostThreadMessageW
GetKeyState
GetParent
AppendMenuW
IsWindow
RedrawWindow
DrawTextW
wsprintfW
SendMessageW
LoadStringW
RegisterWindowMessageW
SetCursor
PostMessageW
DestroyIcon
GetSysColor
SendDlgItemMessageW
LoadIconW
SetLayeredWindowAttributes
RegisterClassExW
SetDlgItemTextW
SetForegroundWindow
OffsetRect
EnableWindow
GetClassNameW
PostQuitMessage
LoadImageW

gdi32

DeleteDC
CreateCompatibleBitmap
DeleteObject
GetClipBox
SetMapMode
LineTo
SelectObject
BitBlt

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
GetUserNameW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

Shell_NotifyIconW

ole32

CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

531457cd2982edd2cc70cfb5365034b6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 18KB