da50e9eb7955f12fef8afa7723188d54_JaffaCakes118

General

Target

da50e9eb7955f12fef8afa7723188d54_JaffaCakes118
Size

26KB
MD5

da50e9eb7955f12fef8afa7723188d54
SHA1

03d227efbd5c968e0610dc2a1670886cf8054868
SHA256

7d1ad388e3e8df219fa4de7beeb8b06869ec1d5d465e0e61b8ffe40b540da5b2
SHA512

2827e0eb46a240168774c729834b679c589a523b8a61d6c46a3b5ad9f45728167fc88b05130e955837ca6d376d1fbc3818fa0ccc6da88d0660aefa7d6f94e119
SSDEEP

768:ug88VYxBmTM9+9oOKfKnXTHJYdQId1Cd:YUtp9mwd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da50e9eb7955f12fef8afa7723188d54_JaffaCakes118

Files

da50e9eb7955f12fef8afa7723188d54_JaffaCakes118
.exe windows:16311 windows x86 arch:x86

a84648bfe3b6fb994fa74f83ca42f851

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
HeapAlloc
SetEvent
GetSystemTimeAsFileTime
GetCommandLineW
GetProcessHeap
SetEvent
WaitForSingleObject
VirtualAlloc
VirtualAlloc
VirtualAlloc
SetUnhandledExceptionFilter
lstrlenW
GetCurrentThreadId
CloseHandle
GetCommandLineA
FreeLibrary
HeapDestroy
LocalFree
GetCurrentThreadId
TerminateProcess
HeapFree
TerminateProcess
GetModuleFileNameA
ExitProcess
GetProcAddress
UnhandledExceptionFilter
InterlockedIncrement
GetModuleHandleW
SetEvent
InterlockedDecrement
LocalAlloc
MultiByteToWideChar
SetUnhandledExceptionFilter
WriteFile
SetLastError
DeleteCriticalSection
lstrcmpiW
SetLastError
SetFilePointer

user32

LoadCursorW
GetMessageW
CreateWindowExW
WinHelpW
CopyRect
SendDlgItemMessageW
GetSystemMetrics
wsprintfA
CreateDialogParamW
GetDC
GetWindowLongW
GetMenu
wsprintfW
GetDlgItemTextW
MoveWindow
GetSysColor
LoadImageW
GetCursorPos
DispatchMessageW
DestroyWindow
LoadStringW
DialogBoxParamW
OffsetRect
SetForegroundWindow
MessageBoxW
DrawTextW
DestroyMenu
FillRect
IsWindowVisible

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a84648bfe3b6fb994fa74f83ca42f851

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB