bbd36a6809e2da5dff16cedd1dceb578_JaffaCakes118

General

Target

bbd36a6809e2da5dff16cedd1dceb578_JaffaCakes118
Size

30KB
MD5

bbd36a6809e2da5dff16cedd1dceb578
SHA1

035e5f5c7ca0a9c03d8480ca6e14248de1b8246e
SHA256

14e9e04a0eade68037fe9303d8178d848cd3a04b78928debfce6dbb58ff16ec5
SHA512

7b81237cd6ed0d3ed65659c3a31bbd9170c4389b99f35b50d1512190a3240652c93387942603beffc15bddb5aef1be0d144ea7fd16ae34487a6f109afcd7c496
SSDEEP

384:xE8x530V1VdeZ6DWelUAgM1fQB3RUXvA2+FmwPxphpyqayzVf9lzw4SxGD0F4XfJ:4jlz62WB3Rnbr1bHfLzwha0Vsjgpl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbd36a6809e2da5dff16cedd1dceb578_JaffaCakes118

Files

bbd36a6809e2da5dff16cedd1dceb578_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be2524d583709090f8ef1e31b8624ddf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
lstrcmpA
VirtualProtect
lstrlenA
lstrcmpiW
lstrcpynA
lstrlenW
MultiByteToWideChar
GetCurrentThreadId
VirtualProtect
lstrcpyn
LoadLibraryW
lstrcpyA
GetModuleFileNameA
SetUnhandledExceptionFilter

user32

SetTimer
ChangeMenuW
DefWindowProcW
GetWindowLongA
ReleaseDC
LoadIconA
ShowWindow
RegisterWindowMessageA
CheckMenuItem
CharUpperW
DefWindowProcA
GetKeyState
IsWindowEnabled
LoadImageW
PostMessageW
GetWindowRect
RegisterWindowMessageW
GetMessageW
DestroyWindow
LoadCursorA
CharUpperA
CreateWindowExA
LoadStringA
MoveWindow
GetSystemMetrics
RegisterClassExW
GetParent
DrawIcon
UpdateWindow
GetWindowTextLengthW
GetMenu
EnableWindow
GetWindowTextLengthA
CheckRadioButton
GetActiveWindow
SendMessageW
GetWindowTextW
GetDlgItem
UpdateLayeredWindow
LoadIconW
LoadMenuW

gdi32

ExtTextOutW
CreateFontIndirectExW
ExtTextOutA
GetObjectA
DeleteObject

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be2524d583709090f8ef1e31b8624ddf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 928B