2dd38fce46aba804058aa653d2fafb22_JaffaCakes118

General

Target

2dd38fce46aba804058aa653d2fafb22_JaffaCakes118
Size

30KB
MD5

2dd38fce46aba804058aa653d2fafb22
SHA1

1ce8229b3c5519dfb25f6c9305c00b0f3b5e130a
SHA256

4136d895f5feb7f0edd6e341c1292d8866726bb5b349d2365f52706e48c5ff84
SHA512

03f4d99ec4bb11d4486501615b1fdb6b1f7e60b1d3ee2a629a9fd4cc3310cab761f8ffd32ca37db715933c0eee3806d1fb4a2b0ed3dfea2f1d200ce5e5271e32
SSDEEP

768:Byyyyyyyyyyyyyyyy8xkp8hyrmwJFUFb+O/JqQgUTXTHJYdQId1FE:+kpZGb+Hcr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd38fce46aba804058aa653d2fafb22_JaffaCakes118

Files

2dd38fce46aba804058aa653d2fafb22_JaffaCakes118
.exe windows:3398 windows x86 arch:x86

b602648bd8c92838efbcb9c5823691c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
SetEvent
VirtualAlloc
MultiByteToWideChar
GetSystemTimeAsFileTime
TerminateProcess
HeapDestroy
GetTickCount
Sleep
CreateFileW
GetVersionExA
Sleep
LeaveCriticalSection
WaitForSingleObject
GetCurrentThreadId
TerminateProcess
LeaveCriticalSection
WideCharToMultiByte
GetStartupInfoA
SetEvent
GetModuleHandleA
VirtualAlloc
QueryPerformanceCounter
InterlockedIncrement
FreeLibrary
EnterCriticalSection
QueryPerformanceCounter
GetCommandLineW
WideCharToMultiByte
GetModuleFileNameA
LocalFree
CloseHandle
GetVersionExA
GetModuleFileNameA
UnhandledExceptionFilter
CreateThread
lstrlenW
GetModuleHandleA
DeleteCriticalSection

user32

SetCapture
PtInRect
LoadIconW
ReleaseCapture
SetRect
GetDlgItemTextW
EndDialog
FindWindowW
IsIconic
GetMenu
MessageBeep
PeekMessageW
SystemParametersInfoW
GetCursorPos
DialogBoxParamW
SetRect
ReleaseDC
UpdateWindow
GetDlgItem
GetDC
ScreenToClient
ReleaseDC
SendDlgItemMessageW
GetSubMenu
EndPaint
GetDlgItemTextW
LoadCursorW
MoveWindow
IsWindow
CharNextW
FindWindowW
UpdateWindow
SetWindowTextW
ShowWindow
GetSubMenu
GetMessageW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b602648bd8c92838efbcb9c5823691c5

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB