4053add7b696d2ca57948053bcc4377a_JaffaCakes118

General

Target

4053add7b696d2ca57948053bcc4377a_JaffaCakes118
Size

52KB
MD5

4053add7b696d2ca57948053bcc4377a
SHA1

e9ea52e4550d7357e8ff32223fb061bb38daf4d8
SHA256

0ab4a5ade5c7721d0ce523956ac03ef3693a96efec6d36ef3fdcead9e9ce5fb6
SHA512

f3ed185f5d5529673440f1dc52999d8bfe5f6cd6650913c393eb3332db2de79744a79c0f5d0f3f578187a46252e092fb9203f94fae8007d2972f21602dcbcae5
SSDEEP

768:VbFG5W/yqHnITAAIx5zev5gKsU3CDzmlOgaexLbIznZPBB265c2RIEu0:VR4+DHIT6xMv5gKJ3QCGexQznfsx2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4053add7b696d2ca57948053bcc4377a_JaffaCakes118

Files

4053add7b696d2ca57948053bcc4377a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b489c4f62da218b057d14373541babf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SaveDC
GetDeviceCaps
GetObjectW
SetBkColor
EndDoc
CreateFontIndirectW
BitBlt
SelectObject
CreateRectRgn
RectInRegion
CreateDIBSection

user32

SetWindowLongW
IsIconic
InsertMenuW
TranslateAcceleratorW
GetCursorPos
SetMenuItemBitmaps
GetWindowRect
GetSubMenu
RedrawWindow
OpenClipboard
DefMDIChildProcW
PeekMessageW

msvcrt

_waccess
_XcptFilter
_stat
fgets
_fullpath
strtoul
rand
iswctype
wcscmp
_strtime

advapi32

OpenProcessToken
SetSecurityInfo
SetTokenInformation
RegCloseKey
GetSidSubAuthority
GetAce
OpenSCManagerW
RegEnumValueW
GetSecurityInfo
CopySid
LookupPrivilegeNameW

ulib

?IsInSetup@MESSAGE@@UAEEXZ
?SetDotsOnly@MESSAGE@@UAEEE@Z
?IsGuidVolName@PATH@@QAEEXZ
??0STRING_ARGUMENT@@QAE@XZ
?SetOemConversions@WSTRING@@SGXXZ
?SetDevice@PATH@@QAEEPBVWSTRING@@@Z
?SkipWhite@WSTRING@@SGPAGPAG@Z
??0CLASS_DESCRIPTOR@@QAE@XZ
?QueryChCount@WSTRING@@QBEKXZ
?QueryTimeOut@COMM_DEVICE@@QBEEXZ
?QueryChCount@BSTRING@@QBEKXZ

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b489c4f62da218b057d14373541babf9

Headers

File Characteristics

Imports

gdi32

user32

msvcrt

advapi32

ulib

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 62KB

.rsrc Size: 1024B - Virtual size: 1000B

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 62KB

.rsrc
Size: 1024B - Virtual size: 1000B