6544f5d975bb3c1071833b18648f5401_JaffaCakes118

General

Target

6544f5d975bb3c1071833b18648f5401_JaffaCakes118
Size

27KB
MD5

6544f5d975bb3c1071833b18648f5401
SHA1

734b271f7502b913cf62f3723243720c6d4d74a1
SHA256

a2010b62d5e533710e81d2d56988bb634b6baaaca4464e455af40e6393e8f0ff
SHA512

9371fd69950bf8f19f21225014923914459e096bf60712fb3a2b9aee84f6a6481276725881f511d03ddf4a7d20c417f1dd5c52346319d075743509edd7f16807
SSDEEP

384:FTpRnobTzZl4kYYPxln1FMVKl6kQG4dDs9TXlevdXTHJGHhyQQId1/VXLx4:9pRnorZyOBANDULleVXTHJYdQId14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6544f5d975bb3c1071833b18648f5401_JaffaCakes118

Files

6544f5d975bb3c1071833b18648f5401_JaffaCakes118
.exe windows:12806 windows x86 arch:x86

fbe2cb5af7ecd3007675014ef63f1ec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetProcessHeap
LocalFree
GetCurrentProcessId
GetCurrentThreadId
SetEvent
GetCommandLineW
WriteFile
GetCurrentProcessId
LocalAlloc
InterlockedIncrement
InterlockedIncrement
SetFilePointer
HeapAlloc
FreeLibrary
lstrcpyW
lstrlenW
VirtualAlloc
lstrcpyW
GetProcessHeap
GetCommandLineA
LocalFree
GetCommandLineA
GetACP
GetCurrentProcessId
GetModuleFileNameA
CreateThread
CreateFileW
GetACP
GetTickCount
lstrcpyW
VirtualAlloc
ReadFile

user32

GetParent
GetKeyState
wsprintfA
PostQuitMessage
TranslateMessage
UpdateWindow
GetSubMenu
GetSubMenu
LoadCursorW
ReleaseCapture
DialogBoxParamW
SetWindowPos
SendMessageW
ReleaseDC
LoadIconW
CheckDlgButton
KillTimer
SetWindowLongW
GetDC
LoadImageW
wsprintfW
ReleaseDC
RegisterClassExW
MessageBeep
EnableWindow
SetWindowPos
GetDesktopWindow
SystemParametersInfoW
GetMessageW
InvalidateRect
CopyRect
CallWindowProcW
wsprintfW
FindWindowW
FillRect
GetDlgCtrlID
GetWindowTextW
GetSysColor
EnableMenuItem
LoadCursorW
ReleaseDC
GetSysColor
DrawTextW
GetClientRect
LoadImageW
LoadAcceleratorsW
GetSystemMenu
EndDialog
MessageBoxA
GetMessageW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbe2cb5af7ecd3007675014ef63f1ec1

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB