ce81df0e7050bd417f2ff20ff98b1b60_JaffaCakes118

General

Target

ce81df0e7050bd417f2ff20ff98b1b60_JaffaCakes118
Size

134KB
MD5

ce81df0e7050bd417f2ff20ff98b1b60
SHA1

03798f44919e7cc6658657c53ea1ed0043e68787
SHA256

25a8ec602c85f1764543e2748a1dfaa86a7dfe387621d105f0f6892dc7809083
SHA512

96d96cedf8cb8510437e18f75f9cf65b160be0e207f2b5de358afe25b5048a49d6b9db66ac8f8e5dab130089ad215b764b446f9a448586c63c4516a60d86b492
SSDEEP

3072:WQx8GoY9qwyy9RpJyTCrTbyl1zIEzsS+tV0MzOAfPd3:6GrThETiHynIE9qVPiAt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce81df0e7050bd417f2ff20ff98b1b60_JaffaCakes118

Files

ce81df0e7050bd417f2ff20ff98b1b60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b124867ff5a99056968ef6d5b67631c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
GetTempPathA
VirtualAllocEx
WaitForMultipleObjects
GetModuleFileNameW
GetFileAttributesExA
lstrcpynA
GetComputerNameW
GlobalAlloc
GetCommandLineA
GetMailslotInfo
GlobalLock
ExitProcess
GetVersionExA
ReleaseMutex
IsBadStringPtrW
GetModuleFileNameA

user32

GetDlgItemTextA
GetDesktopWindow
DispatchMessageA
DefWindowProcA
CharPrevA
DefWindowProcW
SendDlgItemMessageA
DestroyWindow
DialogBoxParamW
LoadCursorA
GetClientRect
CharNextExA
SetForegroundWindow
SetWindowLongA
PostMessageA
MessageBoxA
GetDC
GetFocus
PeekMessageA
KillTimer
SetWindowTextW
DialogBoxParamA
SendMessageA
IsWindow
IsWindow
CreateWindowExA
SetWindowTextA
SetDlgItemInt
GetWindowLongA
GetWindowLongW
GetSystemMetrics
InvalidateRect
LoadIconW
GetDlgItemInt
GetSysColorBrush
IsCharLowerA
CharNextW
LoadIconA
PeekMessageW
LoadStringA
SendMessageW
ShowWindow
ReleaseDC
CharPrevW

gdi32

CombineRgn
CreateCompatibleBitmap
SetRectRgn
MoveToEx
CreateBrushIndirect
CreatePenIndirect
CreatePen
SetWindowOrgEx
GetBkMode

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b124867ff5a99056968ef6d5b67631c6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 88KB

.rsrc Size: 6KB - Virtual size: 5KB

.xdata Size: 1024B - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 88KB

.rsrc
Size: 6KB - Virtual size: 5KB

.xdata
Size: 1024B - Virtual size: 4KB