31c1b5886d2c2288137e632b537e3042_JaffaCakes118

General

Target

31c1b5886d2c2288137e632b537e3042_JaffaCakes118
Size

64KB
MD5

31c1b5886d2c2288137e632b537e3042
SHA1

a8536e3c640fa2a019a46cc6349b0aae08ec4e5c
SHA256

2a8aabafadceffb4023cdb400b5d1e8162eabc46c398cded773238f1fa20f3c0
SHA512

8dc13ebf5dbf870db5007a26faeac86d604d2787bdb7213b2a8a40236dfecb7aae272ff52b7a3bdcb14b085f52687d479840f9b4a8e3a529131d241a51974c4e
SSDEEP

1536:H9g/tuif7e9WucN+92ut3VUVSmVVMx9QNJ:S7zeIXN+Rpmwx2NJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31c1b5886d2c2288137e632b537e3042_JaffaCakes118

Files

31c1b5886d2c2288137e632b537e3042_JaffaCakes118
.exe windows:4 windows x86 arch:x86

782b13d4d6f7f9ad03ee53dfd52007e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetFileSize
CreateWaitableTimerW
GetDriveTypeW
LockResource
lstrlenW
SetCurrentDirectoryW
GetCurrentThreadId
GetUserDefaultLangID
MultiByteToWideChar
LoadLibraryA
WritePrivateProfileStringW
GlobalUnlock
FindResourceExW
CreateProcessW
ResumeThread
CreateEventW
GetFileAttributesW
GetSystemTime
GlobalAddAtomW
SetFilePointer
GetLocalTime
CreateThread
QueryDosDeviceW
WideCharToMultiByte
SetEvent
MoveFileW
WriteFile
GetProcAddress
InterlockedDecrement

user32

IsWindow
RegisterWindowMessageW
GetCursorPos
MessageBoxW
TrackPopupMenu
GetWindowThreadProcessId
CreatePopupMenu
VkKeyScanW
DispatchMessageW
SystemParametersInfoW
GetClassNameW
DialogBoxParamW
CreateWindowExW
PostThreadMessageW

gdi32

MoveToEx
CreateDCW
SetBkMode
GetObjectW
CreateFontIndirectW
GetStockObject

advapi32

RegCreateKeyExW
LookupAccountSidW
StartServiceW
GetUserNameW
SetSecurityDescriptorDacl
RegSetValueExW

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

782b13d4d6f7f9ad03ee53dfd52007e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 980B

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 980B