73e4197ed2d002ff185a5db4bcb9cf94_JaffaCakes118

General

Target

73e4197ed2d002ff185a5db4bcb9cf94_JaffaCakes118
Size

247KB
MD5

73e4197ed2d002ff185a5db4bcb9cf94
SHA1

92be31cca112b9ed3bedf97bc5aac2adc0ccf6d8
SHA256

d9c18f05c6cfa6c144091e0c0beba9169a551b1c7c58949051b6d2fd7ab66aba
SHA512

9a396b6850fee9493b91a7647d6e16d2ff25ba2d6ce82d7299c6e396e6abaa5fb87c293107fec75aee3af3f8e03305634bdebddc5d771b532c403e218d85d26d
SSDEEP

6144:eBd83m50Ffagw/XeqNK6G+fcgBispxv0NgnTFvpiVY:eT8Y0uTNK6GkcusgnBBiVY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73e4197ed2d002ff185a5db4bcb9cf94_JaffaCakes118

Files

73e4197ed2d002ff185a5db4bcb9cf94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a2e21daba567447d202af1ddb83e8c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
IsIconic
GetDialogBaseUnits
GetForegroundWindow
DefDlgProcA
DeferWindowPos
CreateDialogParamA
WindowFromPoint
IsWindowVisible
GetNextDlgTabItem
CloseWindow
AdjustWindowRect

ole32

IIDFromString
CoDisconnectObject

gdi32

ExtCreateRegion
AbortDoc
EqualRgn
FrameRgn
DeleteObject
CreateFontW
CloseMetaFile
GdiFlush
EndDoc
CreateCompatibleDC
AddFontResourceA
CopyEnhMetaFileA
AngleArc
ExtSelectClipRgn

advapi32

RegDeleteValueA
RegCloseKey
RegSetValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegRestoreKeyA

kernel32

GetEnvironmentVariableA
WritePrivateProfileStructA
GetProcAddress
GetStartupInfoA
GetTickCount
GetLastError
FreeEnvironmentStringsA
TlsSetValue
GetModuleFileNameA
GetEnvironmentStrings
VirtualAlloc
GetACP
LCMapStringA
GetModuleHandleA
GetCommandLineA
GetProfileIntA
WritePrivateProfileSectionA

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a2e21daba567447d202af1ddb83e8c0

Headers

File Characteristics

Imports

user32

ole32

gdi32

advapi32

kernel32

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 276KB - Virtual size: 379KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 276KB - Virtual size: 379KB

.rsrc
Size: 2KB - Virtual size: 2KB