4d62850be8b3512997092c4e71630221_JaffaCakes118

General

Target

4d62850be8b3512997092c4e71630221_JaffaCakes118
Size

60KB
MD5

4d62850be8b3512997092c4e71630221
SHA1

1144593e31b0c594377eba127baed516e52b1179
SHA256

025345841259a95175a0d7c86bc29725503c7fcec3ab719b0f4b7498aae8e6ba
SHA512

eca22d00bd9761efaab00bdb67523327cfd2c155bcc1ae5d0606b8240b1c710b5674e862c3d6a693315e7ee95af299ee670bfe6058892c40dc9b50d018631f10
SSDEEP

768:VHMQooTrp3MyD17xRNroyPSW+NsiRtoBISCbNe/0B4dE6keGRlcfEAMjrHyQU:r3Ki1fstssyANuM2kJCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d62850be8b3512997092c4e71630221_JaffaCakes118

Files

4d62850be8b3512997092c4e71630221_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ab643a30c83dc3089bc5715e8b9ca36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
CancelWaitableTimer
GetCurrentProcessId
LoadLibraryA
CreateThread
GetLogicalDrives
GlobalUnlock
CreateEventW
GetModuleHandleW
FindResourceW
TerminateThread
GlobalAlloc
WaitForSingleObject
ReadFile
WideCharToMultiByte
WritePrivateProfileStringW
GetProcAddress
InterlockedIncrement
CreateProcessW
GetCurrentThreadId
ResumeThread
GlobalAddAtomW
GetUserDefaultLangID
lstrlenW
GetModuleFileNameW
VirtualFree
CreateFileW
GetFileAttributesW

user32

GetWindowThreadProcessId
EndDialog
SetLayeredWindowAttributes
TrackPopupMenu
SetWindowTextW
RegisterWindowMessageW
ReleaseCapture
SetForegroundWindow
MessageBoxW
GetClassNameW
LoadBitmapW
DestroyMenu
PostMessageW
GetMessageW
SetDlgItemTextW
SystemParametersInfoW
LoadImageW
SetCursorPos
OffsetRect

gdi32

CreateCompatibleDC
GetDeviceCaps
DeleteDC
SetTextColor
DPtoLP
MoveToEx

advapi32

RegCloseKey
SetSecurityDescriptorDacl
LookupAccountSidW
StartServiceW
GetUserNameW
RegQueryValueExW
RegCreateKeyExW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ab643a30c83dc3089bc5715e8b9ca36

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 996B

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 996B