ac4f6402e48ff7e38748fd5b3e9afdb6_JaffaCakes118

General

Target

ac4f6402e48ff7e38748fd5b3e9afdb6_JaffaCakes118
Size

164KB
MD5

ac4f6402e48ff7e38748fd5b3e9afdb6
SHA1

03738fcc07a2c8de5b277d659c855afcf25b045e
SHA256

1b4b7af23e6674069087078c12e90c4ec3b9127deb7a49bce8f537a6b1c24e56
SHA512

8c37d1ed8fab3d83540ea92300df1a9e89a1bf499cb90b6d7f015d9f278f32329a88ae55fe0f84151139b953949fa32c4075d84dc260b658313f5a0506594ee5
SSDEEP

3072:PG+oGNuWiwxXYt7UT5JNlgE+S6VHXVew9bS6591VCRqfbHsaXuo8y:PjGWklENT6JXVLbS6FVyqbca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac4f6402e48ff7e38748fd5b3e9afdb6_JaffaCakes118

Files

ac4f6402e48ff7e38748fd5b3e9afdb6_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2d22696a6af13a9c2ad4d8d7535b5ece

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetScrollInfo
GetWindowThreadProcessId
InvalidateRect
GetMenu
DispatchMessageW
CallNextHookEx
CopyRect
GetWindowTextW
LoadIconW
GetDC
ShowWindow
CreateWindowExW
LoadStringA
EnumChildWindows
ScreenToClient
GetFocus

kernel32

lstrlenA
CloseHandle
GetSystemTimeAsFileTime
GetModuleHandleW
GetLocaleInfoW
GetTickCount
WideCharToMultiByte
UnlockFile
FreeLibrary
CreateMutexA
HeapSize
DeleteCriticalSection
CreateEventA
FindResourceW
InterlockedExchange
lstrcmpiW
GetCurrentProcess
SetFileAttributesA
GetModuleFileNameA
SetFileTime
GetProcAddress
SetFilePointer
CreateProcessA
lstrcpyA
GetACP
InterlockedDecrement
GetCommandLineA
lstrcmpW
LoadResource
SetUnhandledExceptionFilter
InterlockedIncrement
VirtualAlloc
GetLastError
DeviceIoControl
LoadLibraryA
SetStdHandle
Sleep
GetCurrentThreadId
GetStdHandle
SetLastError
TlsFree
QueryPerformanceCounter
FindNextFileW
GetModuleFileNameW
GetEnvironmentStringsW
InitializeCriticalSection
LCMapStringW
CreateFileA
CreateFileW

msvcrt

calloc
_XcptFilter
memcpy
_onexit
exit
__p__commode
memset
__set_app_type

advapi32

RegEnumKeyExA
OpenThreadToken
RegQueryValueExW
ReportEventW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d22696a6af13a9c2ad4d8d7535b5ece

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

advapi32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 38KB - Virtual size: 1.1MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 38KB - Virtual size: 1.1MB

.rsrc
Size: 3KB - Virtual size: 2KB