c02086cf2017fa1d523ae0b2ef2e6a11_JaffaCakes118

General

Target

c02086cf2017fa1d523ae0b2ef2e6a11_JaffaCakes118
Size

204KB
MD5

c02086cf2017fa1d523ae0b2ef2e6a11
SHA1

18f57ed6a668e279715e47671cc6a13551889aa7
SHA256

44d5f54546e8f2c4b897cb5a77c1f2a41864a1826d24cd06d4a33511c9aca908
SHA512

470626c462972be4badd603e9ed61acc2ae76f9cf346b680815b35e1b0141983e697f17a0233f8cf9b436b54523a1124fb83deaa1b6049f5acd509b4da11f694
SSDEEP

6144:vtM30klEkg7kTBLi1c24TdWW0AWG5Y7aS5OqN4d+7:vtWKl7kToSTdx0G6xO04d+7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c02086cf2017fa1d523ae0b2ef2e6a11_JaffaCakes118

Files

c02086cf2017fa1d523ae0b2ef2e6a11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54310c8a7cebfbd249404823449b160b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCommandLineA
GetProcAddress
GetModuleHandleA
ExitThread
LocalAlloc
ExitProcess
lstrlenA
VirtualAlloc
GetModuleHandleW
IsBadReadPtr
VirtualAllocEx
GetACP
LoadLibraryA

comdlg32

ChooseColorA
FindTextA
GetSaveFileNameA

user32

GetSysColorBrush
GetMenuState
GetTopWindow
GetKeyState
GetSubMenu
GetKeyboardLayoutNameA
GetWindow
GetMenu
GetSysColor
GetKeyboardState
GetMenuItemInfoA
GetWindowLongA
GetLastActivePopup
GetScrollPos
GetMessagePos
GetParent
GetScrollInfo
GetPropA
GetKeyboardType
GetMenuItemCount
GetKeyNameTextA
GetKeyboardLayoutList
GetIconInfo
GetKeyboardLayout
GetScrollRange
GetWindowDC
GetMenuItemID
GetSystemMenu
GetMenuStringA
GetWindowLongW

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 359B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 886B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 12KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54310c8a7cebfbd249404823449b160b

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 359B

DATA Size: 4KB - Virtual size: 886B

.hdata Size: 12KB - Virtual size: 108KB

.gdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 359B

DATA
Size: 4KB - Virtual size: 886B

.hdata
Size: 12KB - Virtual size: 108KB

.gdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB