83a3a99425e5c3923dc6782bffb93e22_JaffaCakes118

General

Target

83a3a99425e5c3923dc6782bffb93e22_JaffaCakes118
Size

133KB
MD5

83a3a99425e5c3923dc6782bffb93e22
SHA1

34029fd1cc67836ebd1fa9e1196502905f026347
SHA256

bbea9df011700fddb64c23d7d6ac9043132309f2c419275511d6fc4b11081af5
SHA512

6eff6a56c1836123a91a0f4bd853f62eaf66148549b788ff6fa308c1be5b3c455a6a1bd48e0eb10adb18c948656a58b41f62f802ff0083e818dd2b310ed5be9c
SSDEEP

3072:lzwXXm02jkcp+JxdwDizaZqVuwA1Fl1g51YM860d5:iDhc8Jo2akVuwoFl1kLR0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83a3a99425e5c3923dc6782bffb93e22_JaffaCakes118

Files

83a3a99425e5c3923dc6782bffb93e22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Write
ImageList_DragShowNolock
ImageList_Draw

kernel32

SetFilePointer
FindClose
GetProcAddress
GetCurrentProcessId
CloseHandle
WaitForSingleObject
VirtualAlloc
LoadLibraryA
lstrcmpiA
SetLastError
DeleteFileA
ExitProcess
SetErrorMode
Sleep
GetOEMCP
GetCurrentThreadId
GetCPInfo
HeapAlloc
GetACP
GetCommandLineA
LocalFree
FreeResource
GetTempPathA
EnterCriticalSection

version

VerInstallFileA
VerFindFileA

user32

RedrawWindow
PostMessageA
GetMenu
GetDC
PeekMessageW
IsCharLowerA

Exports

Exports

_B8PyfN9eX8sVea@8

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

Imports

comctl32

kernel32

version

user32

Exports

Exports

Sections

CODE Size: 11KB - Virtual size: 11KB

.data Size: 11KB - Virtual size: 130KB

.lkdata Size: 105KB - Virtual size: 104KB

.idata Size: 1KB - Virtual size: 1KB

.jdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 11KB - Virtual size: 11KB

.data
Size: 11KB - Virtual size: 130KB

.lkdata
Size: 105KB - Virtual size: 104KB

.idata
Size: 1KB - Virtual size: 1KB

.jdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB