338a3e12a779896a03d342a6ec132392_JaffaCakes118

General

Target

338a3e12a779896a03d342a6ec132392_JaffaCakes118
Size

75KB
MD5

338a3e12a779896a03d342a6ec132392
SHA1

9bf003d284b0588531489098678249ad657b55fd
SHA256

d4ac2d8a72f69a0d90cfc1209b70482eab50d4992e96bea9c676dd68087758f1
SHA512

1f794f6280f6ce1ded70ce612e0083d7c21404fdd7ee965451398b28cdd068a6185950dc35499a0206e788a6693231b1aeba6653fef9d1ae1c8fa813e6929ffe
SSDEEP

1536:JhSIf6aESo0H5eSO8xcnPloxw0vrzTQP1fSIF4BignbVR+0Aq:J7f6aESo0H5pcPl8w0/8P1fh3gb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338a3e12a779896a03d342a6ec132392_JaffaCakes118

Files

338a3e12a779896a03d342a6ec132392_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00232e9f15787db85d05105d65386263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
lstrcpyn
lstrcpy
GetModuleHandleW
GetModuleFileNameA
lstrcmpA
FreeLibrary
lstrlenA
SetEvent
lstrcmpiA
GetProcAddress
LocalAlloc
VirtualAlloc
lstrcatA

user32

GetActiveWindow
DestroyWindow
DefWindowProcA
GetWindowTextA
GetWindowTextLengthA
LoadMenuW
UpdateWindow
GetSystemMenu
LoadMenuA
SendMessageW
GetParent
GetDC
LoadCursorA
CheckMenuItem
UpdateLayeredWindow
GetKeyState
GetCapture
ChangeMenuW
GetWindowTextW
LoadIconW
GetMessageW
CharUpperW
GetSystemMetrics
LoadStringW
RegisterClassExW
GetWindowLongW
GetWindowTextLengthW
EnableWindow
DefWindowProcW
PostMessageW
CharUpperA
LoadImageA
GetDlgItem
IsWindowEnabled
RegisterClassExA
ShowWindow
SetTimer
GetMenu
DrawIcon
LoadCursorW
CheckRadioButton
GetWindowLongA

gdi32

CreatePatternBrush
GetStringBitmapW
CreateBitmapIndirect

advapi32

RegSaveKeyW

shell32

ShellExecuteW

ole32

CLSIDFromString
StringFromCLSID

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00232e9f15787db85d05105d65386263

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 364B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 364B