7529b7a2a451adcf579b4c58d5df8992_JaffaCakes118

General

Target

7529b7a2a451adcf579b4c58d5df8992_JaffaCakes118
Size

26KB
MD5

7529b7a2a451adcf579b4c58d5df8992
SHA1

e9b7c95d6d4c594addbe9a5a37f1767a9d53cdc5
SHA256

1d218f42c59bfe227a71aaedff9dd99ba2da5c0ce4cd93d278c5cdc1852abeb4
SHA512

ce88093c3d4312b25c0ba8a2b738f17ac992115a52fb49f4ad93f7f5818d0fe8e75dcdccf8fe267dbb3bc8aaa3008c5ba857c43b67a64c4192ea58d95ef98d4b
SSDEEP

384:KCjsrqX6tIZ/H1de/GXug5Pvzzd2qDokjd4FHvpBOmbKEIzIFYVxnmSVMV:KC9ZHVXxRDLjd4FCmM0PSVa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7529b7a2a451adcf579b4c58d5df8992_JaffaCakes118

Files

7529b7a2a451adcf579b4c58d5df8992_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96a1feb7a8e6ff63db3665f1deb931e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetCurrentThreadId
FreeLibrary
lstrlenW
GetProcessHeap
MultiByteToWideChar
QueryPerformanceFrequency
GetModuleHandleW
VirtualProtect
lstrcmpiA
lstrlen
GetACP
GetCommandLineW
lstrcpynA
GetCommandLineA
lstrcmpiW

user32

GetCapture
GetDlgItem
GetWindowTextA
CharUpperA
LoadStringA
DefWindowProcA
LoadCursorA
ShowWindow
DrawIcon
LoadStringW
LoadImageA
GetSystemMetrics
GetActiveWindow
LoadCursorW
GetParent
GetForegroundWindow
LoadMenuA
LoadMenuW
GetKeyState
CreateWindowExA
GetMessageW
LoadIconW
ReleaseDC
UpdateWindow
GetSystemMenu
GetWindowTextW
RegisterClassExA
RegisterWindowMessageA
ChangeMenuW
LoadImageW
MoveWindow
CharUpperW
GetWindowTextLengthW
GetWindowLongA
CheckRadioButton
IsWindowEnabled
EnableWindow
RegisterClassExW
GetWindowRect
GetWindowLongW
DefWindowProcW
UpdateLayeredWindow

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96a1feb7a8e6ff63db3665f1deb931e6

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 928B