60b9067b95b5e6902b7ace52c29651e0_JaffaCakes118

General

Target

60b9067b95b5e6902b7ace52c29651e0_JaffaCakes118
Size

60KB
MD5

60b9067b95b5e6902b7ace52c29651e0
SHA1

bbb5e042919e59f171ba1b8759fcec07369a4f01
SHA256

8f79d935011ba42bae174811772798e9d8557f023ab5ba24db45b694fd76a255
SHA512

14b103507df82aff297c6e6add11c72bf3843693fd6c3e60e60e1eb4831438ff075189ffe59f5417dc9178c465c24e1f46d6f7bb12f782cd27d6bd30e0b71fa4
SSDEEP

768:cu1qu5wH14+hbHM3e8tKAll9yY6odgaxh7U0CMmo30JGI4ZfTTxG1YLOa5:csr6Dho3ekKoxFfhQnc0JGIWBGC6a5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60b9067b95b5e6902b7ace52c29651e0_JaffaCakes118

Files

60b9067b95b5e6902b7ace52c29651e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8e7657c6f18fea0fa5fadc070be85ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
WriteFile
lstrcpyW
FindFirstChangeNotificationW
CancelWaitableTimer
CreateThread
FindNextChangeNotification
CloseHandle
GetModuleFileNameW
GlobalFree
GetSystemTime
FindFirstFileW
SetWaitableTimer
SizeofResource
GetCurrentProcess
FindClose
GetCurrentProcessId
ResumeThread
QueryDosDeviceW
CreateEventW
WideCharToMultiByte
SuspendThread
TerminateThread
MulDiv
FindResourceExW
GlobalAlloc
SetFilePointer
GetFileSize
LoadLibraryA
LoadResource
GetVersion
ReadProcessMemory
GetModuleHandleW
lstrlenW
WaitForSingleObject
CreateProcessW
SetLastError

user32

LoadImageW
GetParent
OffsetRect
ReleaseCapture
RegisterHotKey
SetWindowTextW
SetLayeredWindowAttributes
InvalidateRect
SystemParametersInfoW
GetWindowRect
DialogBoxParamW
DestroyMenu
GetClassNameW

gdi32

GetDeviceCaps
GetStockObject
SetBkColor
CreateICW
SelectObject
MoveToEx
SetBkMode
CreateRoundRectRgn
SetTextColor

advapi32

RegOpenKeyExW
RegSetValueExW
InitializeSecurityDescriptor
GetUserNameW
RegCloseKey
RegQueryValueExW
SetSecurityDescriptorDacl

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c8e7657c6f18fea0fa5fadc070be85ec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB