c902851339d19e0b20aba34f6dc99bee_JaffaCakes118

General

Target

c902851339d19e0b20aba34f6dc99bee_JaffaCakes118
Size

60KB
MD5

c902851339d19e0b20aba34f6dc99bee
SHA1

66c4519f370009c1488dff09c4364e48627e975f
SHA256

107878619e6ad5047f50deae44e3b74b6aa2fa468fad9de7cd5cde45658488f2
SHA512

2ef4145e25f2e591c549ff099ccf2789dd667add87dc01355ed779b8339e850177e9671924c5dbd96f8431d52e9ecf87f984fb18b7567a17123663b272067227
SSDEEP

1536:QdfDw5ZT6HF0d5Ou+2qfLi2hxKU80cyNtbiAv:YfDbF0d5z+2p2LNc8uAv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c902851339d19e0b20aba34f6dc99bee_JaffaCakes118

Files

c902851339d19e0b20aba34f6dc99bee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b204bc3d7eb7e4652597a338890aa7ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawFocusRect
UnregisterClassA
SetCapture
InflateRect
CheckMenuItem
KillTimer
SetTimer
GetMessageW
ShowWindow
SetWindowLongW
LoadStringW
CharNextW
GetWindow
LoadCursorW
SetCursor
EnableWindow
GetDC
GetSysColorBrush
EnumChildWindows
SystemParametersInfoA
GetWindowLongA
PostMessageA
LoadStringA
SendMessageA
MessageBoxA
DefWindowProcA
DispatchMessageA
IsWindow
DestroyIcon
LoadImageW
GetSysColor
BeginPaint
EndPaint
GetParent
SendMessageW
ReleaseDC

kernel32

GetModuleHandleA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
UnhandledExceptionFilter
GetLastError
GetProcAddress
GetModuleHandleW
GetCurrentProcess
TerminateProcess
LoadLibraryA
GetStartupInfoW
GetVersion
ExitProcess

setupapi

SetupQueueRenameSectionA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b204bc3d7eb7e4652597a338890aa7ce

Headers

File Characteristics

Imports

user32

kernel32

setupapi

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 82KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 82KB

.rsrc
Size: 4KB - Virtual size: 1KB