b1fcd13bcf318beaf2adf85cd3631317_JaffaCakes118

General

Target

b1fcd13bcf318beaf2adf85cd3631317_JaffaCakes118
Size

272KB
MD5

b1fcd13bcf318beaf2adf85cd3631317
SHA1

93fe4987220dae1e0668da8424d153d5edfa4f39
SHA256

9fda929324ba653760f8774b219115210a041f61dc67d871ded110136302c63f
SHA512

2fa178a214ada870acea117ad06f0ba4e2316adec24212d7a771b335a8dc4bce938b5932ff78104407e7830154b7ea5eab06962c61d5b1cf6cb8f6c51014c3ec
SSDEEP

6144:Uco5KJdyU/WreFQ+5LD7gQgiC1f7aE2joc2tG9tp2S2bv10YidzD:Uca2dJWreS+5EV9apvzov10Yi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1fcd13bcf318beaf2adf85cd3631317_JaffaCakes118

Files

b1fcd13bcf318beaf2adf85cd3631317_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4b1b2fdd9c8289424974bcdadf8d282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FindNextChangeNotification
ResumeThread
VirtualAlloc
GlobalUnlock
lstrlenW
VirtualFree
GetCurrentProcess
ExitProcess
WideCharToMultiByte
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
GetFileAttributesW
LoadLibraryW
LockResource
GetFileAttributesExW
ReadProcessMemory
FindFirstChangeNotificationW
FreeResource
DeleteFileW
WaitForMultipleObjects
GetSystemTime
GetCurrentThreadId
GetTickCount
CreateProcessW
GlobalFree
GetDriveTypeW
GetLogicalDrives
FreeLibrary
CreateFileW

user32

DispatchMessageW
wsprintfW
RedrawWindow
PostThreadMessageW
SetCursor
MessageBoxW
GetMessageW
SetWindowPos
GetWindowThreadProcessId
LoadBitmapW
UpdateWindow
LoadStringW
PostMessageW
CreateWindowExW
GetParent
GetWindowTextW
GetSysColor
LoadImageW
ReleaseCapture
AppendMenuW
GetDlgItem
GetCursorPos
SetForegroundWindow
TranslateMessage
WindowFromPoint
TrackPopupMenu
VkKeyScanW
DrawTextW
SystemParametersInfoW
SetDlgItemTextW
GetClassNameW
PostQuitMessage

gdi32

SelectObject
CreateBitmap
Rectangle
CreateFontIndirectW
CreateSolidBrush
GetObjectW
DPtoLP
SetBkMode
MoveToEx
DeleteDC

advapi32

LookupAccountSidW
RegNotifyChangeKeyValue
SetSecurityDescriptorDacl
RegDeleteValueW
RegCloseKey
StartServiceW

shell32

Shell_NotifyIconW
SHChangeNotify

ole32

CoUninitialize
CoInitializeEx

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4b1b2fdd9c8289424974bcdadf8d282

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 244KB - Virtual size: 241KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 19KB

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 19KB