5cddd9cfbe28a46e71503bae10bc20d1_JaffaCakes118

General

Target

5cddd9cfbe28a46e71503bae10bc20d1_JaffaCakes118
Size

60KB
MD5

5cddd9cfbe28a46e71503bae10bc20d1
SHA1

748f2eede3d0bc30a717d29f0a6981b5fe997016
SHA256

a334bc3a876fcde68552cf1b7d4fe733da6bbc376ec1825b27556bf7ac938f16
SHA512

92090dfd8c2964b0f246911d6478f38ed8a604978ddc9d96f9da5f0b9bc68ca3ec912d495a1bfe61a4461091efe01a67bda3b9fb6866e8de9b35dc8d6f7b1995
SSDEEP

768:rBzFD3VxHZTuYPRAuXMJ7dHmgsJRRbEnGZibU7cYPF1pm+bXOzTGS5GQbn:rB1VxHZvKuX4JqbEnGuycipKnGDQb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cddd9cfbe28a46e71503bae10bc20d1_JaffaCakes118

Files

5cddd9cfbe28a46e71503bae10bc20d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c58972a853d84b90c82a4acc43d1ce4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
WaitForSingleObject
FindNextFileW
GetLogicalDrives
WideCharToMultiByte
ResetEvent
CancelWaitableTimer
SetEndOfFile
FindFirstChangeNotificationW
LoadResource
GlobalDeleteAtom
FreeLibrary
ReadFile
SizeofResource
lstrcpyW
GlobalAlloc
LoadLibraryW
GetFileAttributesExW
SuspendThread
GetLastError
CreateThread
DeleteFileW
VirtualFree
FindNextChangeNotification
GetSystemTime
LoadLibraryA
GetTickCount
CloseHandle
GetProcAddress
WritePrivateProfileStringW

user32

VkKeyScanW
GetKeyState
GetWindowTextW
SendDlgItemMessageW
RegisterWindowMessageW
SetCapture
CreateWindowExW
LoadStringW
LoadBitmapW
SetForegroundWindow
LoadImageW
UpdateWindow
GetWindowDC
RegisterHotKey
GetWindowThreadProcessId
DispatchMessageW
LoadCursorW
SetCursorPos
TrackPopupMenu
PostMessageW
GetSystemMetrics
GetMessageW
SystemParametersInfoW
GetWindowRect

gdi32

CreateICW
CreatePen
CreateDCW
SetBkColor
SetBkMode
CreateCompatibleBitmap
DPtoLP
SelectObject
SetTextColor

advapi32

InitializeSecurityDescriptor
RegQueryValueExW
RegOpenKeyExW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c58972a853d84b90c82a4acc43d1ce4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB