82b197e919f916f043c2ca583c0569e8_JaffaCakes118

General

Target

82b197e919f916f043c2ca583c0569e8_JaffaCakes118
Size

264KB
MD5

82b197e919f916f043c2ca583c0569e8
SHA1

82108214c8bbfa0ac9ea2c0376a06ca809f1d6e0
SHA256

b64357eafb4f51d157d6b0adcee5525691449861e46cd61c574f835e293eddc7
SHA512

56a5ffd4a26dad6fa9b4309a8afa29703f4f58d7fa1c3efcd7cc508c35808c77eeb8e226863cfe99afd1c41148ae52d81fb21d21ea64d89b15e05059518ae891
SSDEEP

6144:L7VmdPNpww1EvywHrjsoO7tj6UNXdJGIKXzS34S+Ax5Z:vVmNpwHvFrwJ7tj3UShFN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82b197e919f916f043c2ca583c0569e8_JaffaCakes118

Files

82b197e919f916f043c2ca583c0569e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb6f30c61acb96118196f49acb1cf3ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
lstrcpyW
CreateThread
ExitProcess
GetProcAddress
GetProcessHeap
HeapAlloc
LoadLibraryW
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetFileAttributesExW
MultiByteToWideChar
DuplicateHandle
GlobalUnlock
GetVersion
GetCurrentThread
GetModuleFileNameW
CancelWaitableTimer
QueryDosDeviceW
SetWaitableTimer
GetLastError
SetLastError
GetCurrentProcessId
SetCurrentDirectoryW
Sleep
FreeLibrary
GetLocalTime
HeapFree
TerminateThread

user32

LoadIconW
IsDlgButtonChecked
GetWindowDC
SendMessageW
EndDialog
IsWindow
OffsetRect
InvalidateRect
GetWindowTextW
PostQuitMessage
SetCursor
GetCursorPos
GetClassNameW
RedrawWindow
LoadImageW
GetWindowRect
GetMessageW
SystemParametersInfoW
DrawTextW
RegisterWindowMessageW

gdi32

DPtoLP
MoveToEx
CreateICW
GetObjectW
CreateCompatibleDC
DeleteDC
SetBkColor
BitBlt
DeleteObject
CreateFontIndirectW
CreatePen
GetStockObject
SetMapMode

advapi32

GetUserNameW
RegQueryValueExW
RegSetValueExW
RegNotifyChangeKeyValue

shell32

Shell_NotifyIconW

ole32

CoInitializeEx
CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 232KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb6f30c61acb96118196f49acb1cf3ed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 232KB - Virtual size: 230KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 23KB

.text
Size: 232KB - Virtual size: 230KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 23KB