6227f5f86c0eb1f74f713f97de23b8c9_JaffaCakes118

General

Target

6227f5f86c0eb1f74f713f97de23b8c9_JaffaCakes118
Size

942KB
MD5

6227f5f86c0eb1f74f713f97de23b8c9
SHA1

a6cba776428b82b4bbe4a53b914f6cfc09adeb2e
SHA256

49d0e06a593fb77464bef29e6cc9ad57e54b487575a758adfcb7a2630317fe39
SHA512

6654e6f9dc08291dc590c1b2e212f9f11535f44f3662b97e44ced9a1c080a241a9fb9795cb61407391d4098699ac8fa8f0ebce9bf4a562683e7d238392aa3000
SSDEEP

12288:0dDYyi5xLTMDKgIjWagrqS5LueaWB+p+XRN5W2iqRoWdlU0zI92JL0y78nG2L2RE:kMLFTWIfSDaE+pQhWLkoMlHzSGi2RZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6227f5f86c0eb1f74f713f97de23b8c9_JaffaCakes118

Files

6227f5f86c0eb1f74f713f97de23b8c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f585de181b36118455ecd7f0579958c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InsertMenuItemA
FindWindowA
GetAsyncKeyState
DestroyMenu
SetForegroundWindow
EnableMenuItem
CharNextA
RegisterClassA
PostQuitMessage
DestroyWindow
CharNextW
MessageBoxA
RegisterWindowMessageA
CreateWindowExA
LoadStringW
DestroyIcon
GetWindowTextW
SendMessageA
SetMenuDefaultItem
InsertMenuItemW
DispatchMessageA
GetCursorPos
TrackPopupMenu
DefWindowProcA
GetMessageA
LoadImageA
CreatePopupMenu

kernel32

FreeLibrary
GetTickCount
lstrcpynW
CreateFileA
lstrcpynA
SetFilePointer
GetEnvironmentVariableA
ExitProcess
GetVolumeInformationW
ReadFile
CloseHandle
GlobalAlloc
LoadLibraryExA
lstrlenW
GetDriveTypeW
GetModuleHandleA
GetLogicalDrives
GetPrivateProfileStringA
SetErrorMode
lstrlenA
GetModuleFileNameA
GetPrivateProfileIntA

shlwapi

StrToIntA
PathFileExistsA

advapi32

RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconW
SHGetSpecialFolderPathA

msvfw32

DrawDibProfileDisplay
ICRemove

Sections

.text
Size: 517KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 406KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f585de181b36118455ecd7f0579958c

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

advapi32

shell32

msvfw32

Sections

.text Size: 517KB - Virtual size: 516KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 406KB - Virtual size: 3.7MB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 517KB - Virtual size: 516KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 406KB - Virtual size: 3.7MB

.rsrc
Size: 16KB - Virtual size: 16KB