654a8e15638e7e5d0fca95dd3388481e_JaffaCakes118

General

Target

654a8e15638e7e5d0fca95dd3388481e_JaffaCakes118
Size

310KB
MD5

654a8e15638e7e5d0fca95dd3388481e
SHA1

87e282cfaf021e14840af54d1f32be1ccd32dc7c
SHA256

5ad6e4adac71c19f3f48c9962f3fa26ac0f6e6ab4d9fccfc14fef1a229d65bcd
SHA512

509388db3d0ac19ed2aeea922ee850d9aee5c2b1dbec55933694dd450753f6003a6f60be2e883d04b3e1b77044fe60794932536f1be39f883262a730397de745
SSDEEP

6144:HOR52PvUl0MQPIQ6P77MvP39GZOsULQAXA1VHWt7wnInOCjfjb:H2ovGI677MvPNG4BXA1VY7wu/n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
654a8e15638e7e5d0fca95dd3388481e_JaffaCakes118

Files

654a8e15638e7e5d0fca95dd3388481e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1f707b7988827998370b6b497750c643

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageW
LoadBitmapW
PeekMessageA
WindowFromPoint
UnregisterClassA
DestroyWindow
MapWindowPoints
EndDialog
GetClientRect
MoveWindow
GetParent
MessageBoxA
LoadImageW
IsChild

kernel32

QueryPerformanceCounter
SetConsoleCtrlHandler
GetUserDefaultLCID
VirtualAlloc
WriteConsoleW
OutputDebugStringA
GetStdHandle
CompareFileTime
CreateDirectoryA
GetCommandLineA
GetWindowsDirectoryA
InterlockedCompareExchange
SearchPathW
GetModuleFileNameW
HeapSize
lstrlenA
TlsAlloc
GetFullPathNameW
GetProcAddress
GetTickCount
FreeLibrary
SetLastError
GetSystemTime
GetCurrentThreadId
SetFilePointer
ExitProcess
GetEnvironmentVariableW
lstrcpynA
FindNextFileW

msvcrt

_vsnwprintf
_unlock
_XcptFilter
memset
_adjust_fdiv
memcpy
??0exception@@QAE@XZ
malloc
__set_app_type

gdi32

CreateSolidBrush
ExtTextOutW
GetTextExtentPoint32W

shell32

SHGetMalloc

opengl32

glPushMatrix

ntdll

NtCurrentTeb

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f707b7988827998370b6b497750c643

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

gdi32

shell32

opengl32

ntdll

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 117KB - Virtual size: 116KB

.data Size: 5KB - Virtual size: 913KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 117KB - Virtual size: 116KB

.data
Size: 5KB - Virtual size: 913KB

.rsrc
Size: 2KB - Virtual size: 2KB