5f6f240650a603b77c2d51f251b1cc30_JaffaCakes118

General

Target

5f6f240650a603b77c2d51f251b1cc30_JaffaCakes118
Size

386KB
MD5

5f6f240650a603b77c2d51f251b1cc30
SHA1

ea2f4ee7a8226af617fa31b73757506603a64da2
SHA256

27694a6e59d54958326ac424d2b5480b14c1cea6e2b276cf45c2e3b0e567bf54
SHA512

57f2ff209326aa73a1adcd2be0c3b544ffb678fb6cc737d6155fe95672b89aeeb2f11a062b6455284837cebeb313b50d0f8df57a9804a03e730816ba497e03de
SSDEEP

6144:mFpVRl8ryV/UQ7zgp2/Q6fyzHBGPE+txVUo2GilMyCAZLtZUeA4iQldfT:2loyza2Y60H03UHGaZLRA0ldfT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f6f240650a603b77c2d51f251b1cc30_JaffaCakes118

Files

5f6f240650a603b77c2d51f251b1cc30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

795f1584ef654e3c646ae6776a3a37bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegSetValueA

kernel32

ExitProcess
SetUnhandledExceptionFilter
TerminateThread
TlsAlloc

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
memcpy
signal
strcpy
wcscpy

user32

BeginPaint
CallWindowProcW
DestroyWindow
DrawFrameControl
DrawTextW
EndPaint
GetClassNameW
GetClipboardFormatNameW
GetDlgItem
GetKeyState
GetMenuStringW
GetMessagePos
GetMessageW
GetParent
GetSystemMetrics
GetWindowDC
GetWindowLongW
InvalidateRect
LoadBitmapW
LoadCursorW
PostQuitMessage
RegisterClassW
ReleaseCapture
SendMessageW
SetCursor
UnhookWindowsHookEx

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 223KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

795f1584ef654e3c646ae6776a3a37bd

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 156B

.idata Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 576B

.bss Size: - Virtual size: 223KB

.rsrc Size: 184KB - Virtual size: 184KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 156B

.idata
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 576B

.bss
Size: - Virtual size: 223KB

.rsrc
Size: 184KB - Virtual size: 184KB