2bea63491fdf9573b490f23fb5c3a74d_JaffaCakes118

General

Target

2bea63491fdf9573b490f23fb5c3a74d_JaffaCakes118
Size

31KB
MD5

2bea63491fdf9573b490f23fb5c3a74d
SHA1

787c2c431252846b54f9b53c866e62a745b9fb06
SHA256

6067d2aba6f2ad555b4bb8b106a23d903e40cd63a818fe1e42a64a07485f14ce
SHA512

c98146f60e8c3790cd9f51b96eda6e8b271d50d09c132d5ce58da120bd27b8a7fd6d2e9819299229304f24ccc90b1f675241523c2e60b95656cc2ebd8868a4c3
SSDEEP

768:ByyyyyyyyyyyyyyyyN76z0BJ6/NnyDQXTHJYdQId1OD:Pk0BE/NnpPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bea63491fdf9573b490f23fb5c3a74d_JaffaCakes118

Files

2bea63491fdf9573b490f23fb5c3a74d_JaffaCakes118
.exe windows:61504 windows x86 arch:x86

827166131386c36a65d88cd957f1dacb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetUnhandledExceptionFilter
GetStartupInfoW
WaitForSingleObject
VirtualFree
InitializeCriticalSection
QueryPerformanceCounter
InitializeCriticalSection
GetTickCount
VirtualAlloc
CreateFileW
InitializeCriticalSection
GetCurrentProcess
GetProcAddress
VirtualAlloc
GetStartupInfoA
VirtualAlloc
GetModuleHandleA
VirtualAlloc
lstrcmpiW
InitializeCriticalSection
GetCurrentProcessId
ExitProcess
GetCommandLineW
HeapAlloc
ReadFile
InterlockedDecrement
GetModuleFileNameA
LocalFree
ReadFile
VirtualAlloc
ReadFile
VirtualAlloc
GetVersionExA
FreeLibrary
GetCurrentProcessId
GetVersionExA
GetCurrentProcessId

user32

SetWindowPos
GetSysColor
SendMessageW
GetClientRect
DestroyMenu
GetDlgItemTextW
MapWindowPoints
GetParent
CallWindowProcW
CreateDialogParamW
GetDesktopWindow
CopyRect
CreateWindowExW
MapWindowPoints
SetForegroundWindow
LoadStringA
SendDlgItemMessageW
SetTimer
CharNextW
EndPaint
GetCursorPos
MessageBeep
SendDlgItemMessageW
LoadStringW
GetCursorPos
MapWindowPoints
SetTimer
MapWindowPoints
ScreenToClient
MessageBoxA
SendDlgItemMessageW
wsprintfA
ScreenToClient
MapWindowPoints
EndPaint
DestroyWindow
IsDialogMessageW
SetTimer
IsWindowVisible
TranslateMessage
MessageBoxW
RegisterClassExW
InvalidateRect
GetSubMenu
IsWindow
LoadIconW
GetCursorPos
DispatchMessageW
LoadStringA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

827166131386c36a65d88cd957f1dacb

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB