d60ee6e88b18a2a362d2d55c05672b23_JaffaCakes118

General

Target

d60ee6e88b18a2a362d2d55c05672b23_JaffaCakes118
Size

161KB
MD5

d60ee6e88b18a2a362d2d55c05672b23
SHA1

40e934430f9f82685278131f457fff0bb89886d1
SHA256

44e7e5f3044aa17dbddb3ecc01245b1c4ecd6ef3c421ae6dae322bf4a05e07e6
SHA512

0e2cc24fb12418409398af1eaa78cee44d975fc84fca4c9bb67934acf00badde88bb38e15fea5bf2666b241b569684c88dd8af382e0b10e276b31259d32a4ee4
SSDEEP

3072:t5ntChqLFCZm426GqjErZCcet4d97DhT94YWeUz5HbMn:t55IZm426ar0Nt4nD594YXUz5Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d60ee6e88b18a2a362d2d55c05672b23_JaffaCakes118

Files

d60ee6e88b18a2a362d2d55c05672b23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53ca8aea066c12868a08901244d922d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentProcessId
GetStringTypeW
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GlobalSize
FindClose
LoadLibraryA
GetProcAddress
lstrcpynW
GetSystemInfo
VirtualAlloc
VirtualAllocEx
SetStdHandle
ReadFile
SetEndOfFile
RtlUnwind
SetFilePointer
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
UnhandledExceptionFilter
GetStringTypeA
CreateFileA
CloseHandle
GetLocaleInfoA
VirtualProtect
GetModuleFileNameA
GetLongPathNameW
FlushFileBuffers

user32

mouse_event
CheckMenuRadioItem
wsprintfW
SetWindowPos

gdi32

CreateCompatibleDC
StartPage
SetTextAlign
RestoreDC
CreatePen

comdlg32

ChooseColorW

advapi32

RegDeleteValueA
RegCreateKeyExW
RegQueryValueExW

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53ca8aea066c12868a08901244d922d9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 136KB - Virtual size: 359KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 136KB - Virtual size: 359KB

.rsrc
Size: 4KB - Virtual size: 4KB