b705b7234fcf76560e0ab1571639560f_JaffaCakes118

General

Target

b705b7234fcf76560e0ab1571639560f_JaffaCakes118
Size

579KB
MD5

b705b7234fcf76560e0ab1571639560f
SHA1

9699f808f5517fc521940335d52acff4401a07c1
SHA256

df88343bd4d71688aa44cf83dabeac909ff40184f2aed07634cec56c65e4f078
SHA512

47e18b7614204014dc160572363f4d6beebb79383572d517a1cce05cce5c16f080a029604dd114d23070b31f699ee4a1c7e2660f12fa30e7eb389c1ecd870295
SSDEEP

12288:MvkqBAo+huG3ru0NhH9pRC7vcfejoohJysi:KIzDLgD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b705b7234fcf76560e0ab1571639560f_JaffaCakes118

Files

b705b7234fcf76560e0ab1571639560f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22970bb0dd2bd5afb1e3b49f83079fcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
ShowWindow
PostQuitMessage
DefWindowProcW
SendMessageW
LoadIconW
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
CreateWindowExW
RegisterClassExW
ShowCursor
ShowScrollBar
SystemParametersInfoW
UnhookWindowsHookEx
WindowFromPoint
mouse_event
PostMessageW
ToAscii
TranslateAcceleratorW
TrackPopupMenu

kernel32

CloseHandle
FlushFileBuffers
LoadLibraryA
GetProcAddress
VirtualAlloc
HeapAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
GetStartupInfoW
UnmapViewOfFile
lstrcatW
GetModuleHandleW
RtlUnwind
FreeEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc

comctl32

InitCommonControlsEx

Sections

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22970bb0dd2bd5afb1e3b49f83079fcb

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 378KB - Virtual size: 377KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 120KB - Virtual size: 125KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 378KB - Virtual size: 377KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 120KB - Virtual size: 125KB

.rsrc
Size: 512B - Virtual size: 480B