3d4b7602848bcf3af0e28acc14b5cdad_JaffaCakes118

General

Target

3d4b7602848bcf3af0e28acc14b5cdad_JaffaCakes118
Size

320KB
MD5

3d4b7602848bcf3af0e28acc14b5cdad
SHA1

bb44bb22f9210d798f02851c3fb077c9daa0a8e0
SHA256

1768f6dbc8354da7c424d631c78d92ecfd139503ef04b81472c68b4a11552e4b
SHA512

bf66ad371d0473acf48da9b894e1455ba38c13d0ab65295f4edd081efb65a5094c6069d674ae5003c7040d99873276c322e7bc2c7216dbf62e686d4c83318527
SSDEEP

6144:xxYaVgVjrp3mVa8ZO5lF7lxNQSrYBbCWHx7o+vHMnrOoe+s5V/HYR:xGcgV30a8SFlLjYB+WHxrJ0s55HY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d4b7602848bcf3af0e28acc14b5cdad_JaffaCakes118

Files

3d4b7602848bcf3af0e28acc14b5cdad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c9eedb8f0544077fb270b9d9c61576e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
GlobalUnlock
InterlockedDecrement
DeleteFileW
CreateThread
ResumeThread
ExitProcess
FindFirstFileW
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
WaitForSingleObject
GetCurrentThread
GetModuleFileNameW
GetLastError
QueryDosDeviceW
GetFileSize
CreateEventW
SetEvent
CreateFileW
GetFileAttributesExW
GetModuleHandleW
VirtualAlloc
GetCurrentProcessId
SetLastError
FreeLibrary
GetUserDefaultLangID
GetProcAddress
GetVersion
GlobalDeleteAtom
GetProcessHeap
lstrcpyW

user32

RedrawWindow
GetCursorPos
GetClassNameW
GetSysColor
TranslateMessage
DispatchMessageW
SetCapture
RegisterWindowMessageW
GetMessageW
AppendMenuW
FillRect
MessageBoxW
WindowFromPoint
GetWindowTextW
LoadStringW
PostQuitMessage
GetWindowRect
SendMessageW
GetWindowDC
LoadImageW

gdi32

MoveToEx
DeleteObject
SetBkColor
CreateFontIndirectW
CreateICW
SelectObject
CreateCompatibleBitmap
GetMapMode
SetBkMode
Rectangle
StretchBlt

advapi32

SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
GetUserNameW
InitializeSecurityDescriptor

shell32

SHChangeNotify

ole32

CoUninitialize
CoInitialize
CoInitializeEx

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c9eedb8f0544077fb270b9d9c61576e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 25KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 25KB