dcff1f1b8d1bfbb80b1be5563518e3ce_JaffaCakes118

General

Target

dcff1f1b8d1bfbb80b1be5563518e3ce_JaffaCakes118
Size

82KB
MD5

dcff1f1b8d1bfbb80b1be5563518e3ce
SHA1

9103c23f4f91c37a1119d08106ac7d6de8bd55c2
SHA256

80b58164feb15e398de5eb6c69c350fbfa1708155b0fc0c568b0a336f44951af
SHA512

fa1cf6f496779fe7ef9dd0169c243c11705689ccc14a13bc24012e1efd98ca5ef8d03c3d4556561785b30936435c45276699ac4f07de9653dc7ffa64144c0beb
SSDEEP

1536:lPBL+CDjP3Xm3aBkkR0GVHcKFyswV3imPvDf5eh88vE8wn:lPBLF/Xm3aBLVlryxO3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcff1f1b8d1bfbb80b1be5563518e3ce_JaffaCakes118

Files

dcff1f1b8d1bfbb80b1be5563518e3ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6cb1461c6b585d867f0ab49324299d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
FreeLibrary
GetCurrentThread
GetCurrentProcess
ExitThread
GetTickCount
VirtualAlloc
GetProcessHeap
GetThreadPriority
GetModuleHandleA
GetStartupInfoA
GetProcessTimes
CreateThread
GetCurrentProcessId
Sleep
GetPriorityClass
GetCurrentThreadId
GetCommandLineA
ExitProcess
GetLastError
LoadLibraryA

user32

GetWindowLongA
CreateWindowExA
UpdateWindow
GetActiveWindow
GetWindow
GetForegroundWindow
GetClassLongA
GetSystemMetrics
ShowWindow
GetWindowTextA
GetDC
GetWindowTextLengthA
BeginPaint
RegisterClassA
GetFocus
GetWindowDC
OpenIcon
ReleaseDC
IsWindowVisible

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
IsTextUnicode

shell32

DragAcceptFiles
DragQueryFileA
ShellAboutA
DragFinish

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 92B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6cb1461c6b585d867f0ab49324299d6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 69KB

.tls Size: 512B - Virtual size: 92B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 69KB

.tls
Size: 512B - Virtual size: 92B

.rsrc
Size: 3KB - Virtual size: 3KB