74fa8c281d01334f866742c8d094c783_JaffaCakes118

General

Target

74fa8c281d01334f866742c8d094c783_JaffaCakes118
Size

273KB
MD5

74fa8c281d01334f866742c8d094c783
SHA1

ef7799c1dbf1f95f7494f4b9b255aa05bb45bd7b
SHA256

d8749621bd1f98f71c53b9e775dfbff4c2f946d645423adb2ea513f95673e506
SHA512

bbd9b0ca240359ec93ed5b1a514541043f0071019cacc92cb45ac003af64d4bffd91abe97b4fb525fe6acea4521c99be94f7404fe4566f88cbd35156e83e8716
SSDEEP

6144:Uco5KJdyU/WreFQ+5LD7gQgiC1f7aE2joc2tG9tp2S2bv10YidzDr:Uca2dJWreS+5EV9apvzov10Yi5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74fa8c281d01334f866742c8d094c783_JaffaCakes118

Files

74fa8c281d01334f866742c8d094c783_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4b1b2fdd9c8289424974bcdadf8d282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FindNextChangeNotification
ResumeThread
VirtualAlloc
GlobalUnlock
lstrlenW
VirtualFree
GetCurrentProcess
ExitProcess
WideCharToMultiByte
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
GetFileAttributesW
LoadLibraryW
LockResource
GetFileAttributesExW
ReadProcessMemory
FindFirstChangeNotificationW
FreeResource
DeleteFileW
WaitForMultipleObjects
GetSystemTime
GetCurrentThreadId
GetTickCount
CreateProcessW
GlobalFree
GetDriveTypeW
GetLogicalDrives
FreeLibrary
CreateFileW

user32

DispatchMessageW
wsprintfW
RedrawWindow
PostThreadMessageW
SetCursor
MessageBoxW
GetMessageW
SetWindowPos
GetWindowThreadProcessId
LoadBitmapW
UpdateWindow
LoadStringW
PostMessageW
CreateWindowExW
GetParent
GetWindowTextW
GetSysColor
LoadImageW
ReleaseCapture
AppendMenuW
GetDlgItem
GetCursorPos
SetForegroundWindow
TranslateMessage
WindowFromPoint
TrackPopupMenu
VkKeyScanW
DrawTextW
SystemParametersInfoW
SetDlgItemTextW
GetClassNameW
PostQuitMessage

gdi32

SelectObject
CreateBitmap
Rectangle
CreateFontIndirectW
CreateSolidBrush
GetObjectW
DPtoLP
SetBkMode
MoveToEx
DeleteDC

advapi32

LookupAccountSidW
RegNotifyChangeKeyValue
SetSecurityDescriptorDacl
RegDeleteValueW
RegCloseKey
StartServiceW

shell32

Shell_NotifyIconW
SHChangeNotify

ole32

CoUninitialize
CoInitializeEx

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4b1b2fdd9c8289424974bcdadf8d282

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 244KB - Virtual size: 241KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 19KB

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 19KB