2af53dd4a2419409e7f15b8a724fffbd_JaffaCakes118

General

Target

2af53dd4a2419409e7f15b8a724fffbd_JaffaCakes118
Size

96KB
MD5

2af53dd4a2419409e7f15b8a724fffbd
SHA1

2e27d3bb3477dfa2f396ab729205eab1359b7d82
SHA256

4d49d729c6dc8e1447cfd6ce7edd953d8b2596ad7ca32ecc0d34f0a026be2693
SHA512

1b958a02a19dea98405aa9af389c46eb318c26e482e516fa89abb469871350ea24380dc6f1017b36ec9d71a5163187c81355d8f995549ea0873b39aaf1e30b2f
SSDEEP

1536:EcbKlchpxH1FX8FV22H39/N3zKcZMCFjWKjivSL1Ocqq5nBbE4yZVnOtn:EMK22HZN3zL/SSeq5nBcDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af53dd4a2419409e7f15b8a724fffbd_JaffaCakes118

Files

2af53dd4a2419409e7f15b8a724fffbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81335fca746e636428e4c9b5b9c72937

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
FindNextChangeNotification
GetCurrentThread
WaitForMultipleObjects
SizeofResource
GetCurrentThreadId
GetUserDefaultLangID
VirtualAlloc
LoadResource
MoveFileW
SetThreadPriority
CreateThread
FreeLibrary
MulDiv
CreateProcessW
GetVersion
GetModuleHandleW
SetWaitableTimer
FindFirstChangeNotificationW
DuplicateHandle
SetCurrentDirectoryW
GlobalDeleteAtom
CreateFileW
CancelWaitableTimer
ReadProcessMemory
SetLastError
LoadLibraryA
CloseHandle
GetCurrentProcessId
GlobalAlloc
FindResourceW
GetDriveTypeW
LoadLibraryW
ResetEvent
SuspendThread
GlobalFree
FindNextFileW
FindFirstFileW

user32

SetWindowPos
RegisterClassExW
SetCapture
IsWindow
VkKeyScanW
GetClassNameW
DialogBoxParamW
IsDlgButtonChecked
GetWindowThreadProcessId
SetCursor
SetForegroundWindow
WindowFromPoint
GetWindowDC
GetParent
ReleaseDC
GetDlgItem
DestroyMenu
SystemParametersInfoW
DefWindowProcW
PostThreadMessageW
PostMessageW
TrackPopupMenu

gdi32

CreateRoundRectRgn
GetDeviceCaps
GetClipBox
LineTo
CreateBitmap
SetDIBits
CreateCompatibleDC
BitBlt
SetMapMode
SetBkMode
Rectangle
MoveToEx
DPtoLP

advapi32

GetUserNameW

Sections

.mhhrj
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gjenec
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pbxx
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

81335fca746e636428e4c9b5b9c72937

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.mhhrj Size: 84KB - Virtual size: 83KB

.gjenec Size: 4KB - Virtual size: 1KB

.pbxx Size: 4KB - Virtual size: 22KB

.mhhrj
Size: 84KB - Virtual size: 83KB

.gjenec
Size: 4KB - Virtual size: 1KB

.pbxx
Size: 4KB - Virtual size: 22KB