bd993411dce02f5b51a784ac4f84fcb2_JaffaCakes118

General

Target

bd993411dce02f5b51a784ac4f84fcb2_JaffaCakes118
Size

277KB
MD5

bd993411dce02f5b51a784ac4f84fcb2
SHA1

90e0accc7064df9b4a11437cde8aa00e9710608a
SHA256

66c492a602e4988de832c5af09260d9cb8cd3a5be515f97587931e77cb07639c
SHA512

2625aa8c5e0ddc1725266d20c6c1bef5adea4f5c66d160e1d7590ae0a084f316e5ef1b313f861547a265d7e2bc121d600443ee85ef9dca63de45fd6279f61128
SSDEEP

3072:pWqOJKnTKKJxAn2J0KFXjfe7IRvBNi21/ba10MkbfUm+O1Hg7LlCEMYX7FEmkfFL:4RJeHp0KFdbiITmgfaOy7JbXOxV9XGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd993411dce02f5b51a784ac4f84fcb2_JaffaCakes118

Files

bd993411dce02f5b51a784ac4f84fcb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a7333909c22b6c9f9171005578b19a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
WideCharToMultiByte
GetTickCount
GlobalAlloc
FindNextFileW
Sleep
lstrcpyW
SetFilePointer
ResumeThread
FindClose
GlobalAddAtomW
DeleteFileW
WaitForMultipleObjects
WaitForSingleObject
GetLastError
GetFileAttributesW
GetLogicalDrives
ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
CloseHandle
GetCurrentProcess
GetUserDefaultLangID
SetLastError
SetEndOfFile
LoadResource
FindResourceW
VirtualFree
GetFileAttributesExW
CreateEventW
FreeResource

user32

WindowFromPoint
GetMessageW
DialogBoxParamW
DestroyMenu
OffsetRect
CreatePopupMenu
GetCursorPos
EndDialog
SetCursorPos
GetWindowRect
GetWindowDC
SystemParametersInfoW
LoadImageW
DrawTextW
InvalidateRect
SetForegroundWindow
PostThreadMessageW
RedrawWindow
IsWindow

gdi32

CreateCompatibleDC
DPtoLP
DeleteObject
SetDIBits
GetObjectW
CreateICW
SetMapMode

advapi32

RegOpenKeyExW
RegCreateKeyExW

ole32

CreateStreamOnHGlobal
CoInitializeEx

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a7333909c22b6c9f9171005578b19a5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 21KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 21KB