635c85b859af6cb1e5271d137aa02eb0_JaffaCakes118

General

Target

635c85b859af6cb1e5271d137aa02eb0_JaffaCakes118
Size

17KB
MD5

635c85b859af6cb1e5271d137aa02eb0
SHA1

8c93c6c7201cf08a050e7064d59d4b40ca28858d
SHA256

c2b06ac2d97ad1265edadd74ffbcc5916f0045af5a7873868ee10c55d3671a50
SHA512

6edd88d72c0223d284a1f5562810f102ac0c90ec6aa9c63669cd1fd0621cd1ef4b7505a5735cf91a38eef5348b8b13401e55bf6ee0b04a13a8b73ad8a3989fc9
SSDEEP

384:w0mScjX6+HkcvCzB8bvP6Bp5FaaQd1z/Lw3baYpCN3Z:BBcjX64kHMn6BpoB/MrpgN3Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
635c85b859af6cb1e5271d137aa02eb0_JaffaCakes118

Files

635c85b859af6cb1e5271d137aa02eb0_JaffaCakes118
.exe windows:47255 windows x86 arch:x86

1b65e502ca20aefc9c441275e7d2a56f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
VirtualAlloc
LoadLibraryA
QueryPerformanceCounter
GetProcAddress
GetACP
GetCurrentProcess
SetEvent
GetModuleHandleW
SetEvent
SetFilePointer
CloseHandle
VirtualFree
GetCommandLineW
GetProcessHeap
ExitProcess
FreeLibrary
lstrlenW
SetEvent
HeapDestroy
HeapDestroy
GetProcAddress
GetModuleFileNameA
LoadLibraryA
InterlockedDecrement
HeapAlloc
SetLastError
GetCurrentProcessId
GetProcessHeap
lstrlenW
SetFilePointer
QueryPerformanceCounter

user32

SetWindowTextW
DestroyWindow
LoadAcceleratorsW
MoveWindow
GetWindowRect
GetDlgItemTextW
SetForegroundWindow
GetKeyState
ShowWindow
GetParent
TranslateMessage
EndDialog
ReleaseCapture
SetWindowTextW
GetWindowLongW
MessageBoxA
IsDlgButtonChecked
LoadCursorW
IsDialogMessageW
GetDlgCtrlID
UpdateWindow
TranslateMessage
LoadIconW
SetCapture
SetCapture
SystemParametersInfoW
IsDlgButtonChecked
FindWindowW
PeekMessageW
PtInRect
SendMessageW
LoadImageW
CreateDialogParamW
IsWindowVisible
GetCursorPos
LoadStringW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b65e502ca20aefc9c441275e7d2a56f

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB