2ca30a88d1452e28e88f23960dd75533_JaffaCakes118

General

Target

2ca30a88d1452e28e88f23960dd75533_JaffaCakes118
Size

367KB
MD5

2ca30a88d1452e28e88f23960dd75533
SHA1

7233fbd672a880408a607fc9c3f01063ae7c6bba
SHA256

8841e1b471877f07fa464d17a78634f2880316ecda40b773380d55d6450d20a8
SHA512

392bc1215e80f5b2e1059e930c3cefcf269f894ae791bcdf108019ab11c8d6c319a08bee5ab0156913aa1c46a53d34079c4aac9b76e0afa7973bebecd74cfead
SSDEEP

6144:OgNcrsnyRJQLGYG3Sp6n0Uq7ooB3KolPZmvCDgnuMXGY2VeW:OwCsy/YP6nk5/ZmvlnR2VeW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca30a88d1452e28e88f23960dd75533_JaffaCakes118

Files

2ca30a88d1452e28e88f23960dd75533_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10adea6296c0bfec07e3f954920a0be6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetFilePointer
ReadConsoleA
GetPrivateProfileIntW
PostQueuedCompletionStatus
LocalLock
WriteFileGather
EnumResourceLanguagesW
GetCommProperties
GetProcessAffinityMask
GetPrivateProfileSectionW
_lwrite
WriteProfileStringW
FindCloseChangeNotification
ReadFile
SetConsoleTitleA
FoldStringW
GenerateConsoleCtrlEvent
CreateDirectoryExW
GetQueuedCompletionStatus
GetProcAddress
CreateProcessA
ResumeThread
CopyFileA
GetConsoleCursorInfo
UpdateResourceA
GetStdHandle
HeapAlloc
FindResourceW
SuspendThread
FreeResource
SetupComm
CreateEventA
LockFile
GetStartupInfoA
GetProfileIntA
TransactNamedPipe
GetDiskFreeSpaceA
GetTempPathW

oleaut32

SysAllocStringLen

user32

DrawTextA
IsDlgButtonChecked
EnumClipboardFormats
PostMessageA
GetMenuState
GetScrollRange
GetFocus
GetDlgCtrlID
LoadMenuA
CharUpperBuffW
IsCharLowerW
SetDlgItemInt
DestroyMenu
GetSysColorBrush
DrawStateW
CharNextW
GrayStringW
SendMessageCallbackW
BeginPaint
IsCharUpperW
DrawAnimatedRects
InsertMenuA
SetCapture
SetMenuItemBitmaps
GetSystemMenu
SetUserObjectInformationW

Sections

.text
Size: 37KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10adea6296c0bfec07e3f954920a0be6

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 37KB - Virtual size: 354KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 304KB - Virtual size: 303KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 37KB - Virtual size: 354KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 304KB - Virtual size: 303KB

.rsrc
Size: 22KB - Virtual size: 21KB