cf37a11242d521348439179e085d37e9_JaffaCakes118

General

Target

cf37a11242d521348439179e085d37e9_JaffaCakes118
Size

226KB
MD5

cf37a11242d521348439179e085d37e9
SHA1

22f8601ea7d4631baccf7631a5a9c425aa41d546
SHA256

e34fbc183e3995ac3cd60ccbf8e98b70add8746029ab47e8d4e52f04bede0cf7
SHA512

b0403e37d56f6825997f51bbdaa9fe0467a2bdb78f53e1315110d0fd43d0e2e1e516f3d77df1300fa53ee5ff79aa05e972ece01779649056f51af30484e7389e
SSDEEP

6144:tUz3B9qMd70ECf5LfYqw+LhyaD58GQBtp:tUTGMZ05fJ5V58bB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf37a11242d521348439179e085d37e9_JaffaCakes118

Files

cf37a11242d521348439179e085d37e9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

22c9d733079a3fd44ecdc773acb8fdfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
GetActiveWindow
GetDC
GetParent
LoadImageW
LoadStringW
MessageBoxW
PostMessageW
RegisterClipboardFormatW
ReleaseDC
SendMessageW
SystemParametersInfoW

gdi32

GetSystemPaletteEntries

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

kernel32

CreateThread
DeleteFileA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetLocalTime
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
CloseHandle
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
IsDBCSLeadByte
LoadLibraryA
LocalAlloc
LocalFree
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
SetFileAttributesA
CreateFileA
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WriteFile
CreateMutexA
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateProcessA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22c9d733079a3fd44ecdc773acb8fdfc

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 17KB - Virtual size: 32KB

.reloc Size: 11KB - Virtual size: 12KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 17KB - Virtual size: 32KB

.reloc
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 10KB - Virtual size: 12KB