4465267201b912ef21844e5d506c3e04_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4465267201b912ef21844e5d506c3e04_JaffaCakes118
Size

88KB
MD5

4465267201b912ef21844e5d506c3e04
SHA1

ef114c15a27f88802003f36f14048fad492f4d94
SHA256

61874e9c7614cb1102f133ed5ceb69d7b0f54403099379ae5f957953db10524e
SHA512

032ebc10675174c2e3b8257d211088d7f1c9c70c90b32b5897463c5fe859221a1f0e27219cc5352ee00146c5e83d03541401021fdad961a49c51c90935219e12
SSDEEP

1536:vjhazV5a7wwzj+j6C9XYao/kLmfgc4NUALqQsQj:vjE5a7wSc6CF3oTocwUAL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4465267201b912ef21844e5d506c3e04_JaffaCakes118

Files

4465267201b912ef21844e5d506c3e04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22ba1793e1dd9ac2766e9d8f4038bb0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CloseHandle
lstrcmpiA
GetLastError
CreateThread
SetThreadPriority
Sleep
SetPriorityClass
OpenProcess
GetCurrentProcessId
GetModuleHandleA
lstrcmpA
lstrcpyA
lstrlenA
GetTickCount
InterlockedIncrement
LeaveCriticalSection
GetCurrentThreadId
InterlockedDecrement
ExitProcess
GetCommandLineA
GetStartupInfoA
FormatMessageA
CompareStringA
LocalAlloc
LocalFree
LocalHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection

user32

wvsprintfA
MessageBoxA
DialogBoxParamA
SetWindowTextA
GetDlgItem
GetClassNameA
SetTimer
EndDialog
wsprintfA
LoadIconA
GetMessageA
SendMessageA
SetDlgItemInt
PostThreadMessageA
KillTimer
PostMessageA
EnableWindow
SendDlgItemMessageA

comctl32

ord17
ord16

winmm

waveOutWrite
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
waveInStart
waveOutGetErrorTextA
waveOutPrepareHeader
waveInUnprepareHeader
waveOutRestart
waveOutUnprepareHeader
waveOutOpen
waveInPrepareHeader
waveInAddBuffer
waveInClose
waveOutClose
waveInReset
waveOutReset
waveOutPause
waveInOpen

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22ba1793e1dd9ac2766e9d8f4038bb0f

Headers

File Characteristics

Imports

kernel32

user32

comctl32

winmm

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 71KB - Virtual size: 72KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 71KB - Virtual size: 72KB