94aeda68366c57d1297190ef76f22812_JaffaCakes118

General

Target

94aeda68366c57d1297190ef76f22812_JaffaCakes118
Size

31KB
MD5

94aeda68366c57d1297190ef76f22812
SHA1

be52cebb796305af2af9f90101104dfec12235ce
SHA256

05529a64e0fa2df92a5479a62fbdf4f1c291899d9de2ce907ce33e1afb5dd816
SHA512

be1d604ceedf256d65b7ba8d45806ea2dea0f509c675745b92ec4f8bcc6c58fc4e188ccc1a1e2f3a25685806b462d19c21e39762dbb9d6efbd623249e0818d0c
SSDEEP

384:EWl4EvQ88+DaoGtBmIw6wcuPFYE3AH9/obTyRzBMHYfTnQV6hzfmy1ke:VR8+DavDHwV/FYEqAU9iOJ8Ve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94aeda68366c57d1297190ef76f22812_JaffaCakes118

Files

94aeda68366c57d1297190ef76f22812_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b519d68a10e4cd118f4cb5f5a1b0c435

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
HeapFree
LCMapStringA
Module32Next
GetLocaleInfoA
GetACP
GetModuleHandleA
ResetEvent
HeapSize
GetFileAttributesA
LocalAlloc
GetStartupInfoA
FileTimeToSystemTime
GetSystemInfo
IsValidCodePage
InitializeCriticalSection
GetTimeFormatA
CreateFileA
GetCurrentProcessId
GetEnvironmentStringsW
GetCPInfo
SetErrorMode
lstrcpynA
GetCurrentProcess
EnterCriticalSection
DuplicateHandle
GetLastError
IsBadStringPtrA
GetCommandLineW
GetStdHandle
LoadResource
GetTickCount
ExpandEnvironmentStringsA
LockResource
ExitThread
SetEndOfFile
GetDriveTypeA
VirtualFree
GetProcessAffinityMask

user32

ReleaseDC
PtInRect
IsWindowVisible
GetWindowThreadProcessId
CreateDialogParamA
GetFocus
SendMessageA
CreateWindowExA
DeleteMenu
OpenClipboard
GetSysColor
GetWindow
EndDeferWindowPos
FillRect
TrackPopupMenu
LoadCursorA
GetWindowRect
GetParent
GetDoubleClickTime
GetWindowTextA
GetSubMenu
DialogBoxParamA
RemoveMenu
FindWindowExA
DrawTextA
SystemParametersInfoA
LoadStringA
LoadImageA
DefWindowProcA
InsertMenuA
LoadAcceleratorsA
DispatchMessageA

msvcrt

_acmdln
_adjust_fdiv
_except_handler3
__p__fmode
__set_app_type
memcpy
__getmainargs
_exit
_initterm
__p__commode
_controlfp
exit
__setusermatherr
_XcptFilter

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b519d68a10e4cd118f4cb5f5a1b0c435

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 85B

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 85B

.rsrc
Size: 512B - Virtual size: 164B