721e63150699d1495d3e428e258fcc0f_JaffaCakes118

General

Target

721e63150699d1495d3e428e258fcc0f_JaffaCakes118
Size

170KB
MD5

721e63150699d1495d3e428e258fcc0f
SHA1

ee23b4105b44a0090dabc722920e625cb4baf10d
SHA256

d5d542189000d9f8e009ab49faddd28386abfb5fb633629f04b8d595b03090b9
SHA512

ef9cfa3ad9091ae7b30997bea1314067fb6d839b5dc4cda2a3ec3fde6d1400df0b7fcac95d06e8620ed4b52d28f75d631cd5122300a574a5cfea608c2aa397c0
SSDEEP

3072:wVSYYZbASP/+OGDJIZBcyJ+RXQK4UbwWhbZuq3sPE:w4DbAS6DJIZBaR4bWhbgE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
721e63150699d1495d3e428e258fcc0f_JaffaCakes118

Files

721e63150699d1495d3e428e258fcc0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db56beb904c5fc469d6b16fa77cf2659

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoUninitialize

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

advapi32

RegSetValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

user32

TranslateMessage
SendMessageA
PostMessageA
PeekMessageA
DispatchMessageA
wsprintfA

kernel32

DeleteCriticalSection
DeleteFileW
DosPathToSessionPathW
GetACP
GetLastError
InterlockedIncrement
FreeLibrary
GetDiskFreeSpaceExW
CreateFileW
InterlockedDecrement
WaitForSingleObject
GetCurrentProcess
GetProcessId
GetModuleFileNameA
WideCharToMultiByte
ProcessIdToSessionId
InitializeCriticalSection
GetSystemTimeAsFileTime
GetLocaleInfoA
GetProcessAffinityMask
EnumResourceTypesA
QueryPerformanceCounter
InterlockedExchange
ExitProcess
lstrlenA
GetLocalTime
DisableThreadLibraryCalls
GetFileSize
GetVersionExA
CloseHandle
GetVolumeInformationW
GetCurrentThreadId
MultiByteToWideChar
SetProcessAffinityMask
GetThreadLocale
GetTickCount
GetCurrentProcessId
DeleteFileA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db56beb904c5fc469d6b16fa77cf2659

Headers

File Characteristics

Imports

ole32

gdiplus

advapi32

user32

kernel32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 236KB