749579600adf89cf6ce641c1aa9442e1_JaffaCakes118

General

Target

749579600adf89cf6ce641c1aa9442e1_JaffaCakes118
Size

131KB
MD5

749579600adf89cf6ce641c1aa9442e1
SHA1

2d44279f5a9caebdd7df5bb9b86148039463859c
SHA256

bf27b5e9882e95462393afd66d2abe4b12d96748fd0bcec08a023edcb8a9ebdb
SHA512

57ad75c3206ebf8f78825bcfda407483bb6c2c2d8c989c6677b78e9312fff6f6d481c573298231147fae587fae5b50560b437156c0f1ae56576de082c991284b
SSDEEP

3072:uONNWMwPg0bMCwu+zDNifnApUL6HuZoqWmE5zQ5WcM+EwYE/iOM:zNN0ZbMCw+PbWHuZo+EpQscMBwY0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
749579600adf89cf6ce641c1aa9442e1_JaffaCakes118

Files

749579600adf89cf6ce641c1aa9442e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43141b98492891b7b97e6a9d9fa40bb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
DeviceIoControl
DisableThreadLibraryCalls
ExitProcess
FindResourceA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStringTypeA
GetSystemDefaultLCID
GlobalLock
IsDBCSLeadByte
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree

user32

CreateWindowExA
EnableWindow
GetClientRect
GetCursorPos
GetDC
GetParent
GetWindowRect
GetWindowThreadProcessId
IsIconic
PostQuitMessage
RegisterClassA
ReleaseDC
SendMessageA
SetWindowTextA

gdi32

CreatePalette
GetDIBColorTable
GetPaletteEntries
GetTextExtentPointA
RectVisible
SaveDC
SelectObject
SetBkMode
SetEnhMetaFileBits

shell32

DragQueryFileA
DragQueryFileW
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHGetFolderLocation
SHGetFolderPathW
SHGetSpecialFolderLocation
Shell_NotifyIconA

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43141b98492891b7b97e6a9d9fa40bb0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.rsrc Size: 18KB - Virtual size: 136KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.rsrc
Size: 18KB - Virtual size: 136KB