460355911a4c2f341bcee31b4b154aea_JaffaCakes118

General

Target

460355911a4c2f341bcee31b4b154aea_JaffaCakes118
Size

40KB
MD5

460355911a4c2f341bcee31b4b154aea
SHA1

76e8c9ab53721ded703af8b67a64467c004a003c
SHA256

bdb9b5e17a0b06d2902fb83142d1757df2c043da7ebfa46dde176a71c52459e9
SHA512

af1ecf00ea77bac64ce213c96fb8f43f93d06a03f6de239ba63dc5f305a5f7f8fac1a2d6cbd592f9d9368c79029d8e967ea1efc0c68233e5d2ac569cfcd7f988
SSDEEP

768:z7HotvzQyKyYEYyWCKUjM88D3IN+aMiedibMJvEVZIrc6Ag5HLeTZeju9sNHPJUK:z7Hotvzse78MP+k30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
460355911a4c2f341bcee31b4b154aea_JaffaCakes118

Files

460355911a4c2f341bcee31b4b154aea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8cb772379a2b5e56fbeb258d4f1fd69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
lstrcpyn
RtlMoveMemory
GetCurrentProcess
GetModuleHandleA
GetProcessHeap
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr
GetVersionExA
VirtualFreeEx
WriteProcessMemory
CloseHandle
VirtualAllocEx
OpenProcess
CreateEventA
ReadProcessMemory
OpenEventA

user32

SetWindowTextA
MoveWindow
GetWindowRect
GetParent
MapWindowPoints
EnableWindow
IsWindowEnabled
CreateWindowExA
SendMessageA
LoadIconA
LoadCursorA
GetWindowTextA
DefWindowProcA
PostQuitMessage
SetFocus
GetWindowLongA
SetWindowPos
MessageBoxA
wsprintfA
GetSystemMetrics
RegisterShellHookWindow
RegisterWindowMessageA
SetWindowLongA
UpdateWindow
ShowWindow
IsWindowVisible
GetClassNameA
CallWindowProcA
RegisterClassExA
GetWindowThreadProcessId
DispatchMessageA
TranslateMessage
GetMessageA
IsWindow
OpenIcon
GetWindowTextLengthA

comctl32

ord17

msvcrt

_ftol
atoi
sprintf
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z
modf

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8cb772379a2b5e56fbeb258d4f1fd69

Headers

File Characteristics

Imports

kernel32

user32

comctl32

msvcrt

advapi32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 960B

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 960B