481fd6034511985ec408c69558b9a08f_JaffaCakes118

General

Target

481fd6034511985ec408c69558b9a08f_JaffaCakes118
Size

316KB
MD5

481fd6034511985ec408c69558b9a08f
SHA1

865871f6406a80e2b5c9c339540acc86741b6add
SHA256

428797851a820f860383d58b41e8bd7b4238fb3a6812ddbe797ee6dcf4ba394b
SHA512

2b63df2314568b9532e777c04c7d62d8f24d39ab54b0fe21bba89de203c2d49e8d0d0c756626d8d93fc9244cfb85aaf30467733ce089b6c8b4b4e4b357d2e48a
SSDEEP

6144:z0gbf/x3b4y0+amDkIjHodlZ7V2xA2PqwvhFbjLVnS9KAIdwTmPBp0qMlBYnT2ma:z0iXxMy0+9boZIxFSYhFbnVIKAi0ncTx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
481fd6034511985ec408c69558b9a08f_JaffaCakes118

Files

481fd6034511985ec408c69558b9a08f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49b362eeaaf1e61302c9c61838abf5fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

wsprintfA
SetRectEmpty
CharNextW
SendMessageA
MessageBoxA
GetParent
LoadStringA
CreateDialogIndirectParamA
GetWindowTextLengthA
GetWindowLongA
RegisterClassA
ClientToScreen
GetWindowTextA
EndDialog
IsWindowVisible
CreateWindowExA
LoadCursorA
EnableMenuItem
TranslateAcceleratorA
EnumWindowStationsW
FindWindowA
GetClientRect
CharPrevW
DialogBoxParamA
TrackPopupMenuEx
InvalidateRect

kernel32

GetCurrentThreadId
GetProcessHeap
LeaveCriticalSection
HeapAlloc
lstrcpyA
FlushFileBuffers
lstrcatA
LoadResource
EnterCriticalSection
ExitProcess
FindResourceA
lstrlenA
IsBadWritePtr
HeapFree
lstrlenW
WideCharToMultiByte
LockResource
HeapReAlloc

advapi32

RegDeleteKeyA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueA
RegEnumValueA
RegSetValueExA

secur32

GetUserNameExW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49b362eeaaf1e61302c9c61838abf5fa

Headers

File Characteristics

Imports

user32

kernel32

advapi32

secur32

ole32

Sections

.text Size: 207KB - Virtual size: 207KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 101KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 73KB

.text
Size: 207KB - Virtual size: 207KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 101KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 73KB