a2279ba6ad1904aefbd698117eff718c_JaffaCakes118

General

Target

a2279ba6ad1904aefbd698117eff718c_JaffaCakes118
Size

292KB
MD5

a2279ba6ad1904aefbd698117eff718c
SHA1

7f1cdf63047fd556ac4b08afd84c3918c2cf1fe4
SHA256

8cd4da2d925d56e562ba361c5c45c701f7a84313a9ce4ea4076071051e1ebfa5
SHA512

b7585c7fe8b4577c7d2cdb8c2884a17b7ccd9f2f8ec83bb24f050fb5cab70ee1bcff02542bcf6fa6fde94b0516af3a994dc342d172bfa157d9969db5cc5054b1
SSDEEP

6144:YB83mAynpcv6QJwopyvMpFPt8SfI7lTo9eDa/aefVx:YB8KoJwopyvQPt8V7Jo4Caedx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2279ba6ad1904aefbd698117eff718c_JaffaCakes118

Files

a2279ba6ad1904aefbd698117eff718c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a2e21daba567447d202af1ddb83e8c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
IsIconic
GetDialogBaseUnits
GetForegroundWindow
DefDlgProcA
DeferWindowPos
CreateDialogParamA
WindowFromPoint
IsWindowVisible
GetNextDlgTabItem
CloseWindow
AdjustWindowRect

ole32

IIDFromString
CoDisconnectObject

gdi32

ExtCreateRegion
AbortDoc
EqualRgn
FrameRgn
DeleteObject
CreateFontW
CloseMetaFile
GdiFlush
EndDoc
CreateCompatibleDC
AddFontResourceA
CopyEnhMetaFileA
AngleArc
ExtSelectClipRgn

advapi32

RegDeleteValueA
RegCloseKey
RegSetValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegRestoreKeyA

kernel32

GetEnvironmentVariableA
WritePrivateProfileStructA
GetProcAddress
GetStartupInfoA
GetTickCount
GetLastError
FreeEnvironmentStringsA
TlsSetValue
GetModuleFileNameA
GetEnvironmentStrings
VirtualAlloc
GetACP
LCMapStringA
GetModuleHandleA
GetCommandLineA
GetProfileIntA
WritePrivateProfileSectionA

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a2e21daba567447d202af1ddb83e8c0

Headers

File Characteristics

Imports

user32

ole32

gdi32

advapi32

kernel32

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 275KB - Virtual size: 381KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 275KB - Virtual size: 381KB

.rsrc
Size: 2KB - Virtual size: 2KB