b45392f7afc0bdd2f7fccb7e572f5e08_JaffaCakes118

General

Target

b45392f7afc0bdd2f7fccb7e572f5e08_JaffaCakes118
Size

345KB
MD5

b45392f7afc0bdd2f7fccb7e572f5e08
SHA1

9edf9cffe74405095ee1bc98482b85100914b7fb
SHA256

b24ccb6cf420cae75da8f0985165c2392a72804fde904ec054a2d2610ec577ee
SHA512

c7e591fe3bd25e9c4a75a82860d93fe72a1535f44b3af92adcc8004cb2122757c60d092fada6bc0e9839ebaf1e2868e46de843d185eba03bee0360a70e148239
SSDEEP

6144:+kHr9vmCnD0JoL0G58anKXj0/u5s90KTcCuFSY31ABLlxouF3vXIjL:DLPnDaGDnKT+uWPTGSY316T53vYf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b45392f7afc0bdd2f7fccb7e572f5e08_JaffaCakes118

Files

b45392f7afc0bdd2f7fccb7e572f5e08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dab62231f3e35e65c370319f155f2926

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
ArrangeIconicWindows
IsZoomed
AdjustWindowRect
SendDlgItemMessageA
GetDialogBaseUnits
IsIconic
EndDialog
IsWindowUnicode
DestroyWindow
EnumChildWindows

ole32

StringFromGUID2

oleaut32

RegisterTypeLi

gdi32

CopyEnhMetaFileW
AddFontResourceA
CopyMetaFileW
CreateDCA
CombineRgn
ChoosePixelFormat
CloseMetaFile
CopyMetaFileA
CopyEnhMetaFileA
BitBlt
CreateDiscardableBitmap

advapi32

RegCreateKeyA
RegSaveKeyA
RegOpenKeyA
RegNotifyChangeKeyValue
RegSetValueExA
RegConnectRegistryA
RegOverridePredefKey
RegDeleteValueA
RegQueryMultipleValuesA

kernel32

QueryPerformanceCounter
GetEnvironmentStrings
GetCommandLineA
GetModuleFileNameA
LCMapStringA
GetStartupInfoA
GetLastError
TlsGetValue
VirtualAlloc
GetProcessHeap
GetACP
GetTickCount
FreeEnvironmentStringsA
GetStdHandle
GetModuleHandleA
GetProfileSectionA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WriteProfileStringA
GetProcAddress

msvcrt

_XcptFilter
_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 198KB - Virtual size: 702KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dab62231f3e35e65c370319f155f2926

Headers

File Characteristics

Imports

user32

ole32

oleaut32

gdi32

advapi32

kernel32

msvcrt

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 198KB - Virtual size: 702KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 198KB - Virtual size: 702KB

.rsrc
Size: 16KB - Virtual size: 16KB