4562b7c5ba2ff130388b265ca6af52a2_JaffaCakes118

General

Target

4562b7c5ba2ff130388b265ca6af52a2_JaffaCakes118
Size

308KB
MD5

4562b7c5ba2ff130388b265ca6af52a2
SHA1

5a04774106fce7ec852ff53f95f94600662b5885
SHA256

0259a4335843511c2ee6a610ab8021cbf4562f5d2ca14dab0819c37480cfbd9c
SHA512

89fd5bbc9def0775232d59b02f02aaae206a669627f9892fc06c81efd7e658b4c40600703f23a208ce28c3fd04c0f2dd680a092330343f0bbf7292fe9c499963
SSDEEP

6144:NCuC0dlf0dB55dMi+ouTrpudakC6Lh3ElVykqMPgL+TIRGZh:NxtfgDzPBpYAkYlR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4562b7c5ba2ff130388b265ca6af52a2_JaffaCakes118

Files

4562b7c5ba2ff130388b265ca6af52a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e2fcf4cc2710cb38c26ee078fb24597

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
MoveFileW
FindResourceW
SetEvent
FileTimeToSystemTime
ExitProcess
GetProcessHeap
CreateProcessW
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetTickCount
CreateThread
GetProcAddress
GetModuleFileNameW
WritePrivateProfileStringW
GetLocalTime
ResumeThread
InterlockedDecrement
GlobalDeleteAtom
WriteFile
FreeLibrary
GetCurrentThread
CreateWaitableTimerW
GetFileAttributesW
GetFileSize
HeapAlloc
GetModuleHandleW

user32

CreatePopupMenu
GetParent
SetCursor
GetWindowTextW
SetWindowTextW
InvalidateRect
DialogBoxParamW
SetWindowPos
UpdateWindow
GetWindowRect
GetWindowDC
SetLayeredWindowAttributes
GetSystemMetrics
SystemParametersInfoW
RedrawWindow
GetMessageW
wsprintfW
GetKeyState
VkKeyScanW

gdi32

CreateDCW
SetTextColor
CreatePen
SetBkMode
DPtoLP
DeleteDC
LineTo
CreateCompatibleBitmap
CreateICW
MoveToEx
CreateSolidBrush

advapi32

RegSetValueExW
InitializeSecurityDescriptor
StartServiceW
RegCreateKeyExW

shell32

SHChangeNotify

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e2fcf4cc2710cb38c26ee078fb24597

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 18KB