d54d23f5fdbf03c102598d85742ac004_JaffaCakes118

General

Target

d54d23f5fdbf03c102598d85742ac004_JaffaCakes118
Size

572KB
MD5

d54d23f5fdbf03c102598d85742ac004
SHA1

c16a75322df05c9ee837b4443f6fb236523ef0f7
SHA256

e7638cdc2efcbfe15e47873199e69acb7557c6de78969dd6bab656896386e4a9
SHA512

8bc25eaacfc19bb83d164756978b20a9d7ed49a30457be208de5c292bf2fc894ef995031ece21e319c6746f6f91616f02b5e5c9ce898e57a1d95543f72d5fb79
SSDEEP

12288:IygFNIq7ECxVakKdlB2nToJ37RVtBq8H:IymhAIu2nQVVHx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d54d23f5fdbf03c102598d85742ac004_JaffaCakes118

Files

d54d23f5fdbf03c102598d85742ac004_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1586d079af70f27a49fd54b239353287

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
SetForegroundWindow
GetSystemMetrics
IsIconic
SetClipboardViewer
IsWindow
SetCapture
GetWindowLongW
FindWindowA
UpdateWindow
GetMessageA
DispatchMessageA
DestroyWindow
PostQuitMessage
CreateWindowExA
PostMessageW
PostMessageA
SendMessageA
DefWindowProcA
LoadCursorA
LoadIconA
RegisterClassA
MessageBoxW
GetWindowRect
SetFocus
SetCursor
ScrollWindow
SetCaretPos
GetClassNameW
GetWindowPlacement
SetWindowTextW
GetDesktopWindow
SetScrollRange
GetWindowTextW

kernel32

WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
HeapFree
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetModuleHandleA
HeapAlloc
VirtualAlloc
GetProcAddress
GetEnvironmentStringsW
GetLastError
GetModuleHandleW
GetStartupInfoA
WideCharToMultiByte
MapViewOfFile
CloseHandle
CreateFileMappingA
CreateFileA
ExitProcess
GetTickCount
LoadLibraryA

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExW

ole32

CoInitialize
CoCreateInstanceEx
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1586d079af70f27a49fd54b239353287

Headers

File Characteristics

Imports

user32

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 40KB - Virtual size: 41KB

.rsrc Size: 112KB - Virtual size: 110KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 40KB - Virtual size: 41KB

.rsrc
Size: 112KB - Virtual size: 110KB