689f1599d8678f5061f72f6e042d6d2c_JaffaCakes118

General

Target

689f1599d8678f5061f72f6e042d6d2c_JaffaCakes118
Size

60KB
MD5

689f1599d8678f5061f72f6e042d6d2c
SHA1

45609a5209c90011332c89e9f8f7ae640c5ddac0
SHA256

3d7a3f5e41956e15ab9899d11928c50c6cb1d85c0a0294f7c76edb07c84f3177
SHA512

57c3bb713a9df15b2b6f41648f75cd523f36909376a11d968012303d39e7717ff534e89323eace00426b3a931b46566a37eb604764f37f633400ff15aa8075f2
SSDEEP

1536:MT7JAGLCM8OgyAEd6kz2xPWzDPSu/Dzz:MJAGm7OgCMkz2Buvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
689f1599d8678f5061f72f6e042d6d2c_JaffaCakes118

Files

689f1599d8678f5061f72f6e042d6d2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

295b52ab2674ca34f789ae8baf657de9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
CreateFileW
InterlockedIncrement
GetDriveTypeW
GetCurrentThread
GetFileAttributesW
FindResourceExW
FindFirstFileW
FindFirstChangeNotificationW
GlobalDeleteAtom
LoadLibraryA
FindResourceW
SetCurrentDirectoryW
MulDiv
SetEvent
WideCharToMultiByte
VirtualAlloc
SetLastError
GetProcAddress
ReadFile
WritePrivateProfileStringW
GetLogicalDrives
MultiByteToWideChar
GetPrivateProfileStringW
SuspendThread
WriteFile

user32

GetWindowThreadProcessId
RedrawWindow
GetDlgItem
TrackPopupMenu
RegisterClassExW
DispatchMessageW
DestroyMenu
IsDlgButtonChecked
FillRect
SendMessageW
LoadIconW
AppendMenuW
InvalidateRect
GetKeyState
GetWindowDC
DialogBoxParamW
LoadStringW
LoadCursorW
GetMessageW
ReleaseDC
GetWindowTextW
SetLayeredWindowAttributes

gdi32

CreateSolidBrush
SetTextColor
StretchBlt
GetDeviceCaps
SetBkColor
GetMapMode
GetStockObject
CreateFontIndirectW
GetClipBox
LineTo

advapi32

RegSetValueExW
RegCreateKeyExW
StartServiceW
RegQueryValueExW
LookupAccountSidW
InitializeSecurityDescriptor
RegDeleteValueW

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

295b52ab2674ca34f789ae8baf657de9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB