Static task: static1
Behavioral task: behavioral1
Sample: 2fb03f4aceb5d85a67078791168cb194_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2fb03f4aceb5d85a67078791168cb194_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2fb03f4aceb5d85a67078791168cb194_JaffaCakes118
Size: 64KB
MD5: 2fb03f4aceb5d85a67078791168cb194
SHA1: a2501d39e95033b91eeb3f1aff50941df7efacdd
SHA256: 42a8c8f7e86572280e7464f9f2303c5c680c62de266843c1d2735b8cd7c396bf
SHA512: ad6cdfec80d399298774dbdaaa179d861433c4e27e11e49688b4de73b4de26c3a937adee0b3332e1a68d69caebbad914bffcf020dc3c716f438473be893afa0d
SSDEEP: 1536:fDwnZjrISRo5z1K8+uYjOmqan3/MBk2nVVsU5Yf8oU2XJb:cKSRolk8Ai0nP2VVtSkOJb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2fb03f4aceb5d85a67078791168cb194_JaffaCakes118
Files
2fb03f4aceb5d85a67078791168cb194_JaffaCakes118.exe windows:4 windows x86 arch:x86
450eeb7242b9ff82e197c38ce17d2c85
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceW
GetTickCount
MultiByteToWideChar
GetCurrentThreadId
WideCharToMultiByte
ResetEvent
GetCurrentProcessId
Sleep
FileTimeToSystemTime
SetCurrentDirectoryW
WriteFile
ResumeThread
SuspendThread
QueryDosDeviceW
LoadLibraryW
FindNextChangeNotification
SetFilePointer
ReadProcessMemory
GlobalUnlock
LoadLibraryA
GetLocalTime
CreateFileW
GetProcAddress
GetFileSize
SetEndOfFile
ReadFile
user32
SendDlgItemMessageW
RegisterWindowMessageW
DestroyIcon
SetForegroundWindow
SystemParametersInfoW
GetClassNameW
LoadImageW
DestroyMenu
GetSystemMetrics
CreatePopupMenu
MessageBoxW
ReleaseDC
DispatchMessageW
PostMessageW
TrackPopupMenu
OffsetRect
DrawTextW
TranslateMessage
SetCursorPos
SendMessageW
SetCapture
PostQuitMessage
gdi32
GetObjectW
MoveToEx
CreatePen
SetDIBits
SetBkColor
LineTo
SetBkMode
DPtoLP
SetMapMode
CreateFontIndirectW
advapi32
RegSetValueExW
RegCreateKeyExW
InitializeSecurityDescriptor
RegQueryValueExW
StartServiceW
GetUserNameW
Sections
.text Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE