5d2dd7a6ba8bb5ac45845ffe08fea7b3_JaffaCakes118

General

Target

5d2dd7a6ba8bb5ac45845ffe08fea7b3_JaffaCakes118
Size

118KB
MD5

5d2dd7a6ba8bb5ac45845ffe08fea7b3
SHA1

e7afc40781d86a6a25b9276e7dea87bf2ba0cb67
SHA256

6623e3bdfdb24b00e10a5db56c26fc77a91628ed08ea8b025b4bf11910437bdb
SHA512

c19b692d1df92f74fe126c86ce0205cd56ea840b99630e7c2b4843371ffc7d4691ec050c268d6212c0099734477b9dbf3972c6c231085440ccaf13ee8b04dfc3
SSDEEP

3072:+tYyj903jApKmX/A0gGcoEXvOm9gjFljrsuARQll:6jy3jnCAJHOpFVrJkQb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d2dd7a6ba8bb5ac45845ffe08fea7b3_JaffaCakes118

Files

5d2dd7a6ba8bb5ac45845ffe08fea7b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7579904da2ccf351192159cfd595e3e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetDIBits
Rectangle
GetViewportOrgEx
EnumObjects
CreatePenIndirect
CreatePalette
CreateRoundRectRgn

user32

TranslateMessageEx
EndPaint
IsCharLowerA
LoadCursorA
RegisterClassExA
GetSystemMetrics
LoadStringW
SetWindowLongA
DialogBoxParamW
LoadIconW
BeginPaint
GetDlgItemTextW
PeekMessageW
EnableWindow
SetWindowTextA
CreateWindowExA
SendDlgItemMessageW
SendMessageW
KillTimer
GetWindowLongA
PeekMessageA
CharPrevW
CharNextW
SetDlgItemInt
GetWindowRect
SetTimer
DefWindowProcA
DestroyWindow
PostMessageW
IsWindow
GetDlgItemInt
LoadIconA
CreateWindowExA
GetWindowLongW
CharNextExA
GetDlgItem

kernel32

IsBadReadPtr
WaitForMultipleObjects
GetLocalTime
OpenEventW
GetProfileIntW
DosDateTimeToFileTime
GetCurrentDirectoryW
lstrcmpi
LoadLibraryW
LoadLibraryA
GetStartupInfoA
DeleteAtom
GetEnvironmentVariableA
FileTimeToSystemTime
GetCurrencyFormatW
_lcreat
GetCurrentProcessId
CancelWaitableTimer
CreatePipe

ntdll

NtCreateWaitablePort
NtAllocateVirtualMemory
_aulldvrm

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7579904da2ccf351192159cfd595e3e4

Headers

File Characteristics

Imports

gdi32

user32

kernel32

ntdll

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 59KB - Virtual size: 60KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 59KB - Virtual size: 60KB

.rsrc
Size: 6KB - Virtual size: 5KB