734f5d59cf80607ee4165111623d90bb_JaffaCakes118

General

Target

734f5d59cf80607ee4165111623d90bb_JaffaCakes118
Size

133KB
MD5

734f5d59cf80607ee4165111623d90bb
SHA1

1e75fa98eddbba93dfafaf0fe8d9d0028f995163
SHA256

9025aa4a65ae4d83bd112d4e69573ce649ab90f92f2f5f67d9a6449363de62bf
SHA512

b25aa95818bf34e28cd877e1046f4c0064a295a180e0adedd06bd5abff40535a738d1aa791035d42774daa75065a030d23565e68a333b3c3665ce53447ca8761
SSDEEP

1536:GxyB/wOGom+2BPh8hrIzzVB67DPJp+Jxr6nVd:Gx2xGom+w+wzVYPJpexruVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734f5d59cf80607ee4165111623d90bb_JaffaCakes118

Files

734f5d59cf80607ee4165111623d90bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

423af810c3e07ad11c8c609a7708ad4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
Sleep
WriteFile
SetEndOfFile
SetFilePointer
CloseHandle
UnmapViewOfFile
CopyFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetStringTypeA
LCMapStringW
lstrcatA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
LoadLibraryA
GetProcAddress
GetTickCount
lstrcmpiA
GetCommandLineA
LCMapStringA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
GetStringTypeW

user32

SetTimer
IsDlgButtonChecked
LoadIconA
SendMessageA
SendDlgItemMessageA
CheckDlgButton
DialogBoxParamA
GetWindowLongA
SetWindowLongA
DestroyWindow
LoadBitmapA
GetClientRect
BeginPaint
EndPaint
MessageBoxA
MessageBoxIndirectA
KillTimer

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA

shell32

DragAcceptFiles
DragQueryFileA
DragFinish

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

423af810c3e07ad11c8c609a7708ad4d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 14KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 113KB - Virtual size: 113KB

.text
Size: 14KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 113KB - Virtual size: 113KB