37b8edbf1662bfbba92baac46b26af37_JaffaCakes118

General

Target

37b8edbf1662bfbba92baac46b26af37_JaffaCakes118
Size

62KB
MD5

37b8edbf1662bfbba92baac46b26af37
SHA1

998a3a62581ecc7e2f662b93fe8c8fd9f0dd692a
SHA256

c06a4c4bcde521bfcab8754f09bf9abf95c177ce212296bbecead5a08bf80eb3
SHA512

bf65b308307e03a2f3240ccfe245a45c0e021dc4a2b50e2835afe4cc4e758c9f47ddc675f93e812ba58fe4d5ecd23dcc4db48f10522a95162d70de04411a121e
SSDEEP

768:mou59o8C+YZkN+bmbSh1bjh0E4zUMVmBOjsN35ax8kwN4F1KTE5SFg:V8dYZ8+ibS7Xh0z/Ve+DaN4moIg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b8edbf1662bfbba92baac46b26af37_JaffaCakes118

Files

37b8edbf1662bfbba92baac46b26af37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

702063d999d87b1adf47be41c9466ace

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
FlushFileBuffers
SetStdHandle
CloseHandle
SetEnvironmentVariableA
CompareStringW
SetFilePointer
HeapReAlloc
CompareStringA
InterlockedIncrement
OutputDebugStringA
GetLastError
LoadLibraryA
GetProcAddress
InterlockedDecrement
VirtualAlloc
HeapFree
HeapAlloc
LCMapStringA
HeapValidate
LCMapStringW
FreeEnvironmentStringsA
WriteFile
IsBadWritePtr
GetStringTypeW
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
DebugBreak
GetModuleFileNameA
GetOEMCP
GetStringTypeA
IsBadReadPtr
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind

user32

GetActiveWindow
wsprintfA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DestroyIcon
PostQuitMessage
DefWindowProcA
GetTopWindow
FindWindowA
MessageBoxA
GetWindowThreadProcessId
IsWindow
SendMessageA
LoadCursorA
GetMessageA
LoadIconA
CreateWindowExA
RegisterClassExA
LoadStringA
LoadImageA
ShowWindow
UpdateWindow

gdi32

GetStockObject

shell32

Shell_NotifyIconA

deskiconslib

_SetDIPSHook@4

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

702063d999d87b1adf47be41c9466ace

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

deskiconslib

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 11KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 11KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB