69a467accde53ddeed0d1439a0957924_JaffaCakes118

General

Target

69a467accde53ddeed0d1439a0957924_JaffaCakes118
Size

70KB
MD5

69a467accde53ddeed0d1439a0957924
SHA1

0686e108def5e0162abe6d221f073dd12e2e32d8
SHA256

31d86c2735e67a7497b84fdd411a7c321fea3f933217744ba4edce74a6ac6c65
SHA512

c624ae317ec76e5e8745defcb7d455b35bd1e506fc9fada250f19e20dd44d705434425db85010723ff9e776ab929d3197636ec58e859dd8a2f871576c4b9ddc5
SSDEEP

1536:xJgR9lPxFP9eaoM9QFe2NwTrKH1csOkr/ot:xJgzIe2NwT2zAt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69a467accde53ddeed0d1439a0957924_JaffaCakes118

Files

69a467accde53ddeed0d1439a0957924_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b9a2c269eae82afa2b5ed21b9d8577a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
Sleep
GetFileAttributesA
UnhandledExceptionFilter
MapViewOfFile
LeaveCriticalSection
FindFirstFileA
GetExitCodeThread
GetCurrentThreadId
VirtualFree
GetProcessWorkingSetSize
CreateThread
GetDateFormatA
GetProcessAffinityMask
lstrcpyA
GlobalAlloc
GetConsoleMode
GetNumberFormatA
LocalFree
QueryPerformanceCounter
GetStartupInfoA
GetLocaleInfoW
GetModuleHandleA
SizeofResource

user32

ModifyMenuA
SendMessageA
SetWindowPos
CheckRadioButton
GetSysColor
GetSysColorBrush
DeleteMenu
WindowFromPoint
GetMenuItemID
GetDesktopWindow
UnionRect
wsprintfA
IsDialogMessageA
GetDC
TranslateAcceleratorA
DrawTextA
DefMDIChildProcA
LoadIconA
FindWindowA
BeginPaint
MapWindowPoints
EnableWindow

gdi32

SetTextAlign
CreateRectRgnIndirect
Polyline
SelectClipRgn
DeleteObject
GetBkMode
EndPage
GetTextExtentPoint32A
CreateRectRgn
SetBkColor
DeleteDC
SetTextColor
CreateCompatibleBitmap
SaveDC
EndDoc

msvcrt

_tell
_initterm
difftime
__setusermatherr
_acmdln
_ultoa
memcpy
_except_handler3
localtime
exit
_XcptFilter
__set_app_type
vprintf
strncat
wcscspn
sscanf
_ismbchira
_time64
_mbsnbcmp
fsetpos
_fstat
_atoi64
__p__fmode
_exit
_controlfp
wcscmp
_ismbbalnum
__p__commode
wcsncpy
_adjust_fdiv
_heapset
__getmainargs
_mbbtype

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9a2c269eae82afa2b5ed21b9d8577a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 60KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 60KB

.rsrc
Size: 40KB - Virtual size: 40KB