b40269fc55acc88d60a5a13a172d6584_JaffaCakes118

General

Target

b40269fc55acc88d60a5a13a172d6584_JaffaCakes118
Size

95KB
MD5

b40269fc55acc88d60a5a13a172d6584
SHA1

a073afa674f7b96cac00a59b817199d13c345943
SHA256

8447c0d7546bdd9545651c0295b3c5bfa6e436a0b2352abd516d826f41e41f24
SHA512

3d983db25c6f05c6bae6b160d1a34c56e567165839ee21b79532e309204c719322795b3ce25ff83633355958e7535e5b570058ead172d5ee64984bf4df26101c
SSDEEP

1536:OLVITE6GVDghHm6XEXoLRuy8Fj/0OctQdy4IbKndUoP38fVQyGQznPp+Tv:Ox6GShHm6yoFuy8x0ycFKd138xGmPp4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b40269fc55acc88d60a5a13a172d6584_JaffaCakes118

Files

b40269fc55acc88d60a5a13a172d6584_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ce64c25cb907de79239a58a89930bfdd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetOpenA

kernel32

HeapFree
WriteFile
OpenProcess
GlobalAlloc
ReadFile
GlobalFree
OpenThread
MoveFileA
GetExitCodeThread
WaitForMultipleObjects
CompareStringA
GetCurrentThreadId
WriteProcessMemory
SuspendThread
ResumeThread
GetProcessHeap
CreateMutexA
ReleaseMutex
HeapAlloc
LoadLibraryA
CloseHandle

user32

ModifyMenuA
IsWindowVisible
ShowWindow
GetWindowLongA
InvalidateRect
SetWindowLongA
GetMenu
GetForegroundWindow
DrawEdge
SendMessageA
GetWindowInfo
LoadIconA
GetWindowRect
MoveWindow
GetDC
ReleaseDC
DrawTextA
FindWindowA
GetActiveWindow

gdi32

BeginPath
DrawEscape
LineTo
DeleteDC
SelectObject
CreateCompatibleDC
EndPath
BitBlt

msvcrt

memset

Exports

Exports

?MySwingWing1@@YGPAXKKK@Z
?MySwingWing2@@YGPAXKKKK@Z

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce64c25cb907de79239a58a89930bfdd

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

DATA Size: 1024B - Virtual size: 1024B

.rsrc Size: 84KB - Virtual size: 84KB

.reloc Size: 512B - Virtual size: 312B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

DATA
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 512B - Virtual size: 312B