2e7ebdfdd6f5bd1a4a0364d9086a7388_JaffaCakes118

General

Target

2e7ebdfdd6f5bd1a4a0364d9086a7388_JaffaCakes118
Size

60KB
MD5

2e7ebdfdd6f5bd1a4a0364d9086a7388
SHA1

794d379543cb1751b795b690181d75b8e621216d
SHA256

3609f24c09a83296a96572863875856bf863b9ba9cd6b722dbc8ee4f9e7f3a41
SHA512

b36e06a7d2efd060847f468cd4ab6fcbf919d22233c65e80942ea459c9455d6e337075a4f1f3e26bb95ec6561bbcb4697fec0db736c586aae670b47a3e21f0e7
SSDEEP

1536:2ke+1OGs99wIau5OQBf6TYth3uhioI1/A+6Q3f7:2KzeSjQYktcLIf6Q3f7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e7ebdfdd6f5bd1a4a0364d9086a7388_JaffaCakes118

Files

2e7ebdfdd6f5bd1a4a0364d9086a7388_JaffaCakes118
.exe windows:4 windows x86 arch:x86

621c1e2fc8a1f405e4bf6b71d9a405ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
CloseHandle
SetLastError
GlobalAddAtomW
lstrcpyW
FindNextChangeNotification
GetProcAddress
GetCurrentProcessId
LoadResource
GetFileAttributesExW
GlobalLock
FindClose
WideCharToMultiByte
LockResource
FindFirstFileW
FindNextFileW
FreeResource
DeleteFileW
ReadFile
WaitForSingleObject
CancelWaitableTimer
SizeofResource
GetModuleHandleW
InterlockedIncrement
GetFileSize
CreateWaitableTimerW
WriteFile
SetFilePointer
CreateFileW
GetUserDefaultLangID
SetWaitableTimer
SetEndOfFile
LoadLibraryA
FindFirstChangeNotificationW

user32

ReleaseCapture
SetDlgItemTextW
PostMessageW
CreatePopupMenu
GetMessageW
DispatchMessageW
DestroyMenu
DialogBoxParamW
LoadIconW
PostThreadMessageW
SetLayeredWindowAttributes
SystemParametersInfoW
PostQuitMessage
DrawTextW
IsDlgButtonChecked
MessageBoxW
SetWindowTextW
CreateWindowExW
EnableWindow
OffsetRect

gdi32

Rectangle
CreateFontIndirectW
DeleteDC
DeleteObject
LineTo

advapi32

SetSecurityDescriptorDacl
GetUserNameW
LookupAccountSidW
RegCreateKeyExW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

621c1e2fc8a1f405e4bf6b71d9a405ea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB