71f80acdd70c34ba0946ff624f9931a1_JaffaCakes118

General

Target

71f80acdd70c34ba0946ff624f9931a1_JaffaCakes118
Size

25KB
MD5

71f80acdd70c34ba0946ff624f9931a1
SHA1

25b2d4b7b41fca048030b4f9136d216164153b04
SHA256

4c33240f39fe10fe8a1feaa7b26656434728e1d8041a7810cf632c9a835e9fd5
SHA512

fcf151773f0e75fd671f53427d004590fc0eb6c9d1b96e328793f508333a49d87b429324779472899d45679fcecad13565637fd23d6a9d1f54e0442eac0a3fff
SSDEEP

768:fJpLBoPz8XLi2Muf3MCoNf1OIGofCr1YgyF27a97:poPz8X22MM7oNf1O/ofKuoaR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71f80acdd70c34ba0946ff624f9931a1_JaffaCakes118

Files

71f80acdd70c34ba0946ff624f9931a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c529da4fa9cdb0cb6c205543cf933a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
lstrcpynA
VirtualAlloc
GetProcessHeap
QueryPerformanceCounter
VirtualProtect
GetTickCount
lstrcmpA
lstrcmpi
VirtualProtect
LocalAlloc
GetCurrentProcessId
LoadLibraryW
GetACP
QueryPerformanceFrequency
lstrcmpW
lstrcpy
lstrcat
FreeLibrary

user32

CheckRadioButton
LoadStringA
DefWindowProcW
MoveWindow
ChangeMenuW
DestroyWindow
GetSystemMenu
CharUpperA
RegisterWindowMessageW
GetWindowLongW
GetWindowTextLengthW
PostMessageW
RegisterWindowMessageA
CreateWindowExA
SetTimer
GetWindowTextLengthA
SendMessageW
LoadCursorW
SetCapture
LoadIconW
UpdateLayeredWindow
LoadImageA
DefWindowProcA
LoadImageW
LoadStringW
GetSystemMetrics
GetParent
RegisterClassExA
RegisterClassExW
DrawIcon
CheckMenuItem
LoadMenuA
GetDC
LoadIconA
LoadCursorA
GetCapture
EnableWindow
CharUpperW

gdi32

StretchDIBits
CreateDIBitmap
CreateBitmap
SelectBrushLocal
SetTextColor
DeleteDC
SetBkMode
GetObjectA
ResetDCW

advapi32

RegRestoreKeyW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c529da4fa9cdb0cb6c205543cf933a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 996B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 996B