d22ab60e72ddb007b75af6802b1d24f4_JaffaCakes118

General

Target

d22ab60e72ddb007b75af6802b1d24f4_JaffaCakes118
Size

68KB
MD5

d22ab60e72ddb007b75af6802b1d24f4
SHA1

9b21a275e6a21c8b83f9e21315181dd1bf964857
SHA256

0aeebb8a65d7c85ed8561b26988f3f4fe89bcb434405bd706d425e0af72365e8
SHA512

8b1c5d4d5afa5c9898d093fbefea44ed08c6eeefb2dba607e9c9001ccae362c40d5a263c2acef626af9f96374d39077b759f58da288ae0d0a6a593a69e7247f5
SSDEEP

1536:blZOApeO+bGTmPWc9H6t5Xxvt3CCB4zf/BPCK:blrppJTmPHH451ty5BaK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d22ab60e72ddb007b75af6802b1d24f4_JaffaCakes118

Files

d22ab60e72ddb007b75af6802b1d24f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5301d8f52f407894bf3cf81a1315e0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
SuspendThread
GetSystemTime
FindNextFileW
GetProcAddress
DuplicateHandle
GetTickCount
FindFirstFileW
Sleep
LoadLibraryA
FreeResource
WaitForMultipleObjects
LoadResource
GetUserDefaultLangID
FindNextChangeNotification
ReadProcessMemory
WritePrivateProfileStringW
WideCharToMultiByte
SetLastError
GlobalAddAtomW
GetFileAttributesW
GlobalAlloc
SetFilePointer

user32

LoadCursorW
DialogBoxParamW
GetSystemMetrics
ReleaseCapture
WindowFromPoint
AppendMenuW
GetWindowRect
GetParent
DefWindowProcW
RegisterHotKey
GetKeyState
RegisterClassExW
OffsetRect
LoadImageW
DispatchMessageW
DestroyMenu
RedrawWindow
SystemParametersInfoW
GetMessageW
GetWindowTextW
GetClassNameW

gdi32

LineTo
SelectObject
SetDIBits
SetBkMode
DeleteDC
DPtoLP
CreateICW
CreateCompatibleBitmap

advapi32

LookupAccountSidW
InitializeSecurityDescriptor
RegNotifyChangeKeyValue
RegOpenKeyExW
StartServiceW
RegSetValueExW
RegCreateKeyExW

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5301d8f52f407894bf3cf81a1315e0e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB