488b099073542b5119c5c68f00fb63e2_JaffaCakes118

General

Target

488b099073542b5119c5c68f00fb63e2_JaffaCakes118
Size

56KB
MD5

488b099073542b5119c5c68f00fb63e2
SHA1

4b57d825bd4e1ed1ccd784b134cc1d94aaa4ea34
SHA256

6dd42a01415822108bcf87f10a8bf45f355b0b8d4ecf7552392ce97c91e6642d
SHA512

fb76e98a548fc0a74df320cbba875ddcb04fb791d245e487a4571307eee1da419d4215652e638c05dbf2d3c7516b5fc29f2ed4dd244224bac3915d73f345d4d1
SSDEEP

768:lZdyZi9PQRLGLTmwTBxMfYEh9rNRkdlc03rWCthNaDVQYP834SH3N:5WMQRLG/dJEDNRkLnr1gBQYPwN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488b099073542b5119c5c68f00fb63e2_JaffaCakes118

Files

488b099073542b5119c5c68f00fb63e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cf57fd74fc33e65b5fd9672ef72539e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SetEvent
GetModuleFileNameW
CloseHandle
WriteFile
GlobalFree
ReadFile
SetEndOfFile
FindResourceW
MoveFileW
GetModuleHandleW
GetTickCount
DeleteFileW
GetLocalTime
CreateThread
GetProcAddress
GetUserDefaultLangID
FindClose
ResetEvent
SetLastError
MulDiv
GlobalAlloc
lstrcpyW
LockResource
CreateFileW
FindFirstFileW
LoadLibraryA
WideCharToMultiByte

user32

GetWindowTextW
GetSysColor
OffsetRect
LoadImageW
TranslateMessage
SetLayeredWindowAttributes
DefWindowProcW
SetWindowTextW
SystemParametersInfoW
GetWindowThreadProcessId
EndDialog
UpdateWindow
GetClassNameW
SetForegroundWindow
DrawTextW
GetMessageW
ReleaseDC
wsprintfW
DispatchMessageW
LoadStringW
GetWindowRect
GetParent
EnableWindow
SetWindowPos
DestroyIcon

gdi32

CreateFontIndirectW
Rectangle
GetStockObject
CreateICW
SetTextColor
LineTo

advapi32

SetSecurityDescriptorDacl
RegDeleteValueW
RegCloseKey
RegSetValueExW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3cf57fd74fc33e65b5fd9672ef72539e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1016B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1016B