661c5a3028d261e8bf8787bc5af5dd28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

661c5a3028d261e8bf8787bc5af5dd28_JaffaCakes118
Size

861KB
MD5

661c5a3028d261e8bf8787bc5af5dd28
SHA1

8b6084c6be01662e9338fd2012833be16d40ffc9
SHA256

46c2dbaa1fb3de38c226c55561477ae8b05a47d12da90589d0b7765d265bb4ab
SHA512

5e7ec21520d5daaba7c36c3b860fae261e766cce5b02df239d3c828ce043731d1f6c9340eb15bbd3d4ed765ca78d370378b8920eaab34b4f6fcea149eb9ed888
SSDEEP

12288:i+vZVUes1StMcmmjxb2co4mhj1cezKx/OJqeBPNiYv8i/vC7gKPy+ARStWW:iKU6lmmtW4mhj1ce6mQINL8iNKaR8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
661c5a3028d261e8bf8787bc5af5dd28_JaffaCakes118

Files

661c5a3028d261e8bf8787bc5af5dd28_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36480a1a7ec59fbef73f39f8ead6e396

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WindowFromPoint
CallWindowProcW
DrawEdge
DrawIcon
BringWindowToTop
IsWindowEnabled
GetNextDlgTabItem
LoadBitmapW
GetSysColorBrush
GetWindowLongW
LoadMenuW
MsgWaitForMultipleObjects
CharNextA
SetWindowsHookExA
AdjustWindowRectEx
RemoveMenu
GetSystemMetrics
CheckRadioButton
EnumWindows
SetRectEmpty
MessageBoxA
LoadIconW
IsWindowVisible
SetWindowLongW
GetSystemMenu
MessageBeep
GetWindow
SetWindowRgn
SetWindowTextW
DestroyWindow

kernel32

ExitThread
lstrlenW
GetConsoleOutputCP
GetFileTime
SetConsoleCtrlHandler
LCMapStringA
GetSystemDirectoryA
TlsGetValue
ResetEvent
ResumeThread
GetLocaleInfoW
LeaveCriticalSection
HeapReAlloc
GetTempPathW
GetEnvironmentStringsA
GetCurrentThread
GetCPInfo
DuplicateHandle
ExpandEnvironmentStringsA
DeviceIoControl
UnlockFile
LoadLibraryExW
GetStartupInfoW
DeleteFileA
FileTimeToLocalFileTime
LoadLibraryA
InterlockedCompareExchange
LocalReAlloc
OpenProcess
VirtualAlloc
FindClose
EnterCriticalSection
HeapSize
LCMapStringW
DeleteCriticalSection
SetThreadPriority
GetSystemInfo
RtlUnwind

advapi32

OpenThreadToken
DeregisterEventSource
RegDeleteValueW
RegCloseKey

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 388KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36480a1a7ec59fbef73f39f8ead6e396

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 305KB - Virtual size: 304KB

.data Size: 388KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 305KB - Virtual size: 304KB

.data
Size: 388KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB