3d533ccd0214142d5b68f9508f84ad22_JaffaCakes118

General

Target

3d533ccd0214142d5b68f9508f84ad22_JaffaCakes118
Size

60KB
MD5

3d533ccd0214142d5b68f9508f84ad22
SHA1

3d70c1d8ea75c098fa2ee06be6309ad26340b8bc
SHA256

f1e4e95962461d489f0188194e9ba6ea1201c6913f25c90dd00633ddc4812271
SHA512

a8e19fea26eba2aa229319cba75a048e3537b0209ee0b5328c190b6de82503e9a50203f79db2aae69be8806b88048d492573f4adc62dfc0d96e53dc9f298d4c6
SSDEEP

1536:xJEDEaFnQM6aRDcpe8dfqTBaerfPJVYer:xuDPa/ayVE8eDDr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d533ccd0214142d5b68f9508f84ad22_JaffaCakes118

Files

3d533ccd0214142d5b68f9508f84ad22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac761e65e4e8f0e35155b3fe3ab21718

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
SizeofResource
SetWaitableTimer
MulDiv
InterlockedIncrement
SetFilePointer
GetLocalTime
FindNextFileW
MoveFileW
GetPrivateProfileStringW
LoadLibraryA
GetDriveTypeW
GetUserDefaultLangID
GetFileSize
GetModuleFileNameW
TerminateThread
ReadProcessMemory
FreeResource
SetEndOfFile
ResetEvent
FreeLibrary
WritePrivateProfileStringW
GetProcAddress
SetLastError
SetEvent

user32

TrackPopupMenu
SetWindowTextW
FillRect
GetWindowThreadProcessId
GetCursorPos
SystemParametersInfoW
SendMessageW
RegisterHotKey
CreatePopupMenu
GetSystemMetrics
EndDialog
ReleaseCapture
GetKeyState
AppendMenuW
ReleaseDC
GetWindowRect
PostQuitMessage
RegisterWindowMessageW
WindowFromPoint
GetSysColor
LoadImageW
SetLayeredWindowAttributes
SetDlgItemTextW

gdi32

SetMapMode
DPtoLP
GetDeviceCaps
DeleteObject
CreateBitmap
CreateICW
CreateDCW
GetObjectW
GetStockObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac761e65e4e8f0e35155b3fe3ab21718

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1004B

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1004B