b925389895f0811ae96fa8d801336929_JaffaCakes118

General

Target

b925389895f0811ae96fa8d801336929_JaffaCakes118
Size

252KB
MD5

b925389895f0811ae96fa8d801336929
SHA1

860758a6fd2a1d061d60944e992fd6bd2628cbe0
SHA256

1f52dcce9a535adf19c5542358bcb1d6708a008a8283f1e6e480279282193122
SHA512

24bf35b84ba1dce4dae05057a338ef1aa518c9c3f04243c974f55adc27387ab722b3cb0c83db6490e6f4809a36b12443c8fba3fac3aec51894bdadec131b2e83
SSDEEP

6144:5FIeSxVOxQkdB9sZFNkb2MM5oZEWjo0cjS2OanQuVB:bIt8xQ7PMRZEL00RQ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b925389895f0811ae96fa8d801336929_JaffaCakes118

Files

b925389895f0811ae96fa8d801336929_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1721c97a4b2d3e1f27a545e874fd963

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
GetCurrentThread
ReadFile
SetLastError
GetVersion
MoveFileW
FindClose
GlobalDeleteAtom
WriteFile
SizeofResource
GetSystemTime
InterlockedIncrement
GetFileAttributesW
GlobalAddAtomW
SetWaitableTimer
QueryDosDeviceW
lstrlenW
FreeResource
GlobalUnlock
LoadLibraryA
GetModuleHandleW
GetDriveTypeW
GetProcAddress
GlobalLock
CreateProcessW
GetUserDefaultLangID
SetEndOfFile
FindNextFileW

user32

SetWindowTextW
SetCapture
RegisterHotKey
IsWindow
SetForegroundWindow
GetSystemMetrics
SendDlgItemMessageW
GetMessageW
LoadBitmapW
GetKeyState
DrawTextW
SetWindowPos
SetCursor
FillRect
UpdateWindow
DestroyMenu
MessageBoxW
GetDlgItem
GetSysColor
SystemParametersInfoW
AppendMenuW

gdi32

DeleteDC
CreateRoundRectRgn
DPtoLP
StretchBlt
DeleteObject
LineTo
GetDeviceCaps
GetClipBox
Rectangle
MoveToEx

advapi32

RegDeleteValueW
StartServiceW
RegNotifyChangeKeyValue
RegOpenKeyExW
LookupPrivilegeValueW

Sections

.rzkj
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gpem
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ywmea
Size: 224KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1721c97a4b2d3e1f27a545e874fd963

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.rzkj Size: 20KB - Virtual size: 17KB

.gpem Size: 4KB - Virtual size: 1KB

.ywmea Size: 224KB - Virtual size: 226KB

.rzkj
Size: 20KB - Virtual size: 17KB

.gpem
Size: 4KB - Virtual size: 1KB

.ywmea
Size: 224KB - Virtual size: 226KB