6a694de2a9195e21ac610fd56a0f6718_JaffaCakes118

General

Target

6a694de2a9195e21ac610fd56a0f6718_JaffaCakes118
Size

296KB
MD5

6a694de2a9195e21ac610fd56a0f6718
SHA1

e1fb41c072be26d7ef83489634a3080c8c5bab9c
SHA256

f0f5d2898f653b22eeb58897747926e29d6b41c662f872672c54251d476ba13d
SHA512

45ef8f13e5d76a2104422c90d28b4ace90829b38cc2cfbc59b090436a3a0ee3619a43cee2b5006383f91e60398e29958203d69faa3108af7d87ca76bb9d7f15f
SSDEEP

6144:ANvHs4pTKNjtXhrSMlfUlGS6mHT0Tj3ElTrSE22hllTa6HepKMELBwxwCYayMTtR:AJHs4pWbQMlfUlBzM3ElTThl2KMXx5Yv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a694de2a9195e21ac610fd56a0f6718_JaffaCakes118

Files

6a694de2a9195e21ac610fd56a0f6718_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c521e9555851f835c34791eb43181dad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
MulDiv
Sleep
SetWaitableTimer
WaitForMultipleObjects
GetModuleHandleW
SetCurrentDirectoryW
GetDriveTypeW
FindResourceExW
lstrlenW
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
QueryDosDeviceW
GetSystemTime
CreateWaitableTimerW
CloseHandle
MultiByteToWideChar
WriteFile
DeleteFileW
InterlockedDecrement
VirtualAlloc
GetCurrentThread
LoadResource
GetFileSize
CancelWaitableTimer
GlobalFree
FileTimeToSystemTime
SetEvent
WaitForSingleObject
FreeResource
ResetEvent
GetModuleFileNameW
ExitProcess
SetThreadPriority

user32

PostQuitMessage
RegisterClassExW
SetDlgItemTextW
GetCursorPos
DispatchMessageW
DestroyMenu
DestroyIcon
IsWindow
SetLayeredWindowAttributes
GetSystemMetrics
SetCursor
GetWindowRect
DefWindowProcW
TranslateMessage
GetWindowTextW
EnableWindow
GetMessageW
GetParent
GetKeyState
SetCursorPos
IsDlgButtonChecked

gdi32

SetMapMode
CreateRoundRectRgn
Rectangle
GetDeviceCaps
BitBlt
CreateSolidBrush
GetObjectW
DeleteDC
MoveToEx
CreateCompatibleDC
CreateFontIndirectW
SetTextColor
SetBkMode
GetStockObject
SetBkColor
LineTo
SelectObject

advapi32

RegNotifyChangeKeyValue
GetUserNameW
RegDeleteValueW

shell32

Shell_NotifyIconW

ole32

CoInitializeEx

oleaut32

SysFreeString

Sections

.text
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c521e9555851f835c34791eb43181dad

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 260KB - Virtual size: 256KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 260KB - Virtual size: 256KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 24KB