ae99f5d2ce104bed61905253c3a8d8df_JaffaCakes118

General

Target

ae99f5d2ce104bed61905253c3a8d8df_JaffaCakes118
Size

72KB
MD5

ae99f5d2ce104bed61905253c3a8d8df
SHA1

4362149c1a706df2b8af5b03e36ad3b1363b1a77
SHA256

c275236202d3dd99ca40515835eacfdd6bc1bfff4577db1cb274061fcbac4752
SHA512

813a95899f1d8848f745dbbfe3ea51e56219c74abfceeafa0558d5f7c8da152d81ee52a63808308c2c845cab8a16134ff2d35d2e8ff2bfcc967186f3ee5b80cf
SSDEEP

768:gi+FG+evr950a0YO274VjcVl5uQ6BtFoNOhjum2aaGYwtINHHVEOCmbw1ZlEPlJs:Rn0SlA+aBtAyk5cIDArluHA8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae99f5d2ce104bed61905253c3a8d8df_JaffaCakes118

Files

ae99f5d2ce104bed61905253c3a8d8df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6625ea682996161069541b09189a02ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
lstrlenW
InterlockedDecrement
GlobalAlloc
GetCurrentProcessId
GlobalAddAtomW
GetLastError
FindFirstChangeNotificationW
DeleteFileW
GetProcAddress
ReadProcessMemory
FindResourceExW
SuspendThread
GetFileAttributesExW
LockResource
CancelWaitableTimer
FileTimeToSystemTime
GetModuleHandleW
GlobalDeleteAtom
GetVersion
GetTickCount
ResetEvent
Sleep
SetThreadPriority
CreateEventW
DuplicateHandle
GlobalLock
LoadLibraryA

user32

LoadCursorW
RedrawWindow
VkKeyScanW
GetWindowRect
wsprintfW
GetWindowTextW
GetSysColor
OffsetRect
ReleaseCapture
GetWindowDC
RegisterWindowMessageW
ReleaseDC
SetCursorPos
SendMessageW
SetCursor
SetLayeredWindowAttributes
UpdateWindow
GetCursorPos
AppendMenuW
DispatchMessageW
LoadBitmapW
SystemParametersInfoW

gdi32

SetBkColor
GetMapMode
CreateDCW
SetMapMode
SetTextColor
SetBkMode
CreateBitmap
DeleteObject
DeleteDC
CreateICW
StretchBlt
GetStockObject

advapi32

RegDeleteValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6625ea682996161069541b09189a02ae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB