35ef8c3b19a5159213402fc529dbc4d5_JaffaCakes118

General

Target

35ef8c3b19a5159213402fc529dbc4d5_JaffaCakes118
Size

30KB
MD5

35ef8c3b19a5159213402fc529dbc4d5
SHA1

38cb31dfac2ceb42eca7a492d30ac81ac95bae0b
SHA256

cf092e7f1380a16d6814c8541a51ebda4295a3cdbb569cd79fd34211c01247c4
SHA512

2ff72ed1fc3c9069ca25e7a133a4532037d3d4932e8ff29d52e90c98a81b47da0c915e51be39770df0d3ace4e5f36b883196a111e3b19406fa350b3f46e47885
SSDEEP

768:ByyyyyyyyyyyyyyyyPu+hPw4QoY+8a/J4PXTHJYdQId1ao:ZPh4LoY+8+OPr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35ef8c3b19a5159213402fc529dbc4d5_JaffaCakes118

Files

35ef8c3b19a5159213402fc529dbc4d5_JaffaCakes118
.exe windows:56486 windows x86 arch:x86

0cac586b37ea1f062b05705da4017d85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetCurrentProcessId
LocalFree
GetProcAddress
LeaveCriticalSection
QueryPerformanceCounter
HeapDestroy
LocalFree
WaitForSingleObject
LoadLibraryW
lstrcmpiW
HeapAlloc
SetLastError
EnterCriticalSection
GetProcessHeap
VirtualAlloc
HeapFree
TerminateProcess
CreateThread
SetEvent
GetTickCount
LeaveCriticalSection
CreateFileW
EnterCriticalSection
GetCurrentThreadId

user32

SetTimer
GetDlgItemTextW
GetDlgItemTextW
FindWindowW
SendMessageA
OffsetRect
GetParent
DestroyWindow
CreateWindowExW
ReleaseDC
ReleaseCapture
GetDlgItem
RegisterClassW
GetKeyState
MessageBeep
SendDlgItemMessageW
DialogBoxParamW
GetMessageW
DispatchMessageW
GetKeyState
CopyRect
GetClientRect
GetCursorPos
EndPaint
GetParent
GetDlgCtrlID
IsWindowVisible
FindWindowW
SetWindowPos
DispatchMessageA
LoadIconW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cac586b37ea1f062b05705da4017d85

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 1KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB