aed7992713c8019ea31e4f33e865bb62_JaffaCakes118

General

Target

aed7992713c8019ea31e4f33e865bb62_JaffaCakes118
Size

310KB
MD5

aed7992713c8019ea31e4f33e865bb62
SHA1

0792c5f2f6fd81bb07250152ff590485ad408c02
SHA256

cd45e1a1efac6aa6b7bf9d3bdeec355221c680b76702ec6dadf128259b499362
SHA512

028c4ab4ae277d6196e10e06e5b1e215d9dbd3abef1792e480d1722c03acc8ab314ca76a02f95136de74a0ddb886caae0d12e5cbd42eb12639078adb2dc90116
SSDEEP

6144:xf39Uh98Vz1zFi/5Jr0TJnlUdGcDW7mTRuDpISfoJy8cviMRazj792ssY:xf392mc/UFlwGGwmgToJy8cKka37979

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aed7992713c8019ea31e4f33e865bb62_JaffaCakes118

Files

aed7992713c8019ea31e4f33e865bb62_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e10674876daf8c1887549d3a16834c1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateBitmap
LineTo
DeleteObject

msvcrt

_exit
_adjust_fdiv
_XcptFilter
_unlock

user32

SetWindowRgn
EndDialog
LoadCursorW
SetTimer
DispatchMessageA
GetNextDlgTabItem
SetDlgItemTextW
GetWindowLongW
GetWindowTextLengthW
OffsetRect
MsgWaitForMultipleObjects

kernel32

MultiByteToWideChar
SetLastError
CloseHandle
GetStartupInfoA
LeaveCriticalSection
GetTickCount
DeleteCriticalSection
GetModuleHandleA
WaitForSingleObject
GetSystemDirectoryW
GetStringTypeW
GetOEMCP
GetCurrentProcessId
VirtualProtect
GetACP
GetCommandLineA
GetCurrentThreadId
FindClose
CreateThread
InterlockedCompareExchange
HeapCreate
HeapDestroy
FreeLibrary
InitializeCriticalSection
CreateFileMappingA
IsBadCodePtr
GetVersion
SetConsoleCP
SetStdHandle
CompareStringW
GetCommandLineW
InterlockedExchange
HeapAlloc
ExitProcess
TlsGetValue
GetModuleHandleW
GlobalSize
GetVersionExA
Sleep

ole32

CoInitialize
CoTestCancel

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW

lz32

LZClose

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e10674876daf8c1887549d3a16834c1f

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

user32

kernel32

ole32

advapi32

lz32

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 235KB - Virtual size: 244KB

.idata Size: 1024B - Virtual size: 125KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 235KB - Virtual size: 244KB

.idata
Size: 1024B - Virtual size: 125KB