422a70d57d7ddc4f24d017d99ab9ee2a_JaffaCakes118

General

Target

422a70d57d7ddc4f24d017d99ab9ee2a_JaffaCakes118
Size

252KB
MD5

422a70d57d7ddc4f24d017d99ab9ee2a
SHA1

40fa06f4eabd1940af8426164e21272ceb01a95a
SHA256

470e6c8058a6dde5a69dbe3cb639fc993ed3e78865f8bea1f91df420175f6007
SHA512

fc4d56ed4cbcc7842a5cf90d1370e3e7c6ca8a005178d453b491122e5d9f2e985961c102e0370eeaaa75dcb825eb6b4c68d9f76d149897f266a3bfd9ad3a3533
SSDEEP

3072:xlxZoVF+vJeEvKLz2eTyQgoezKNK1xtnTKUp5TcjPFs7p:JqF+RFKv1Z6KNK/tnOaQTFs7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
422a70d57d7ddc4f24d017d99ab9ee2a_JaffaCakes118

Files

422a70d57d7ddc4f24d017d99ab9ee2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c557a45abd546c470666e1c6f59d9c5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
FindResourceA
LoadResource
LockResource
GetWindowsDirectoryA
HeapAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetStringTypeA
ReadFile
GetStringTypeW
LoadLibraryA
GetProcAddress
SetEndOfFile
GetACP
GetCPInfo
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
WriteFile
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapCreate
GetOEMCP
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA

user32

SetDlgItemTextA
EndDialog
MessageBoxA
wsprintfA
LoadBitmapA
SendMessageA
GetDlgItem
DialogBoxParamA
PostQuitMessage

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA

comctl32

ord17

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c557a45abd546c470666e1c6f59d9c5d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 220KB - Virtual size: 218KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 220KB - Virtual size: 218KB