Static task
static1
Behavioral task
behavioral1
Sample
a26c2c76e6a49f537c35b59238fd17ad_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a26c2c76e6a49f537c35b59238fd17ad_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a26c2c76e6a49f537c35b59238fd17ad_JaffaCakes118
-
Size
335KB
-
MD5
a26c2c76e6a49f537c35b59238fd17ad
-
SHA1
c79da5ac5f968c2456bb0dfce57036112cf0cd06
-
SHA256
166006c5e6e82cd6168685b59350ca10e34b73c75c72e61c8d104026b68b444e
-
SHA512
ca80fae1eb903399abf9098ec10da8b055aa10c4cc879ecd72a3436bb460029f594789a3d2d4c9b5afe54b22ccda45a2fa4ce51858ee7559b38fddc2475da6d1
-
SSDEEP
6144:9JIWt9LFdDZ+SlUDNkZqOHPXi7cpyfAJhCSAEhMx96:9JPDVlSKfy7ccJSAo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
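Checks for missing Authenticode signature. Many legitimate binaries are also unsigned, so on its own this is a weak indicator and should be weighed together with the behavioral task results.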
resource a26c2c76e6a49f537c35b59238fd17ad_JaffaCakes118
Files
-
a26c2c76e6a49f537c35b59238fd17ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
b9da40dc27d0ee850e53372da5de7b2d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoW
FormatMessageW
GetTickCount
InterlockedDecrement
FreeLibrary
CloseHandle
WideCharToMultiByte
lstrlenA
VirtualProtect
LoadLibraryExW
MultiByteToWideChar
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
SetEvent
ReleaseMutex
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
user32
ShowWindow
SetWindowPos
SetCursor
GetCursorPos
PostMessageW
IsWindow
GetClientRect
GetWindowLongW
SetTimer
FillRect
ScreenToClient
AdjustWindowRectEx
LoadStringW
SetFocus
IsWindowEnabled
SendMessageW
LoadCursorW
DestroyWindow
SetRect
wsprintfW
InvalidateRect
advapi32
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
gdi32
GetTextAlign
Polygon
BitBlt
GetTextMetricsW
SetTextAlign
SelectObject
MoveToEx
LineTo
TextOutW
SetTextColor
DeleteDC
GetStockObject
CreatePen
GetBkMode
DeleteObject
SetBkMode
ole32
CLSIDFromString
StringFromGUID2
CoCreateInstance
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
wcscat
wcschr
wcscpy
wcsrchr
_wcsnicmp
_snwprintf
srand
rand
wcscmp
memset
malloc
free
_except_handler3
wcstok
wcsncat
iswctype
swprintf
_wtoi
wcsstr
_wcsicmp
wcslen
wcsncpy
Sections
.text Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 308KB - Virtual size: 613KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ