dd6dd4668e0ba187aa17459d7991b9fc_JaffaCakes118

General

Target

dd6dd4668e0ba187aa17459d7991b9fc_JaffaCakes118
Size

80KB
MD5

dd6dd4668e0ba187aa17459d7991b9fc
SHA1

7e22ab41e16a032063d75b6082434ed60aa30a1a
SHA256

72f25369b79055863bcd31830df12f5107d45a69271792ff27b8b4a50befc0bd
SHA512

729bebf66911b24b105fbf7a1bd9776ef3fa7cb7f56b9e79636242a51a6bbf1711e5c7e06f4687add602c10238b512efbb2461cb1a7f28f556ac1b9b6d842572
SSDEEP

1536:mJbCV39304XNhRnRCTCf3IDOS2X6CWa6qQykFg+kCMAc:8IC4dhRnRCNBSrWj+zCW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd6dd4668e0ba187aa17459d7991b9fc_JaffaCakes118

Files

dd6dd4668e0ba187aa17459d7991b9fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54a00654c433fe0a9cfd95a9e859a171

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GetProcAddress
GetModuleFileNameW
GlobalUnlock
LoadLibraryA
GetLogicalDrives
CloseHandle
GetLocalTime
GetCurrentThread
LoadResource
ResumeThread
FindNextChangeNotification
GlobalFree
SetCurrentDirectoryW
ReadProcessMemory
GetFileSize
TerminateThread
DeleteFileW
QueryDosDeviceW
FreeResource
CancelWaitableTimer
GetCurrentThreadId
GlobalDeleteAtom
WaitForMultipleObjects
lstrcpyW
GlobalAlloc
MulDiv
FreeLibrary
LockResource
GetFileAttributesExW
GetDriveTypeW
GetModuleHandleW

user32

InvalidateRect
SetForegroundWindow
LoadIconW
LoadImageW
GetDlgItem
FillRect
PostThreadMessageW
CreateWindowExW
wsprintfW
ReleaseCapture
PostQuitMessage
DrawTextW
GetCursorPos
GetClassNameW
PostMessageW
GetKeyState
IsDlgButtonChecked
CreatePopupMenu
GetWindowTextW
DispatchMessageW
SendDlgItemMessageW
SystemParametersInfoW

gdi32

SelectObject
SetBkMode
GetMapMode
GetClipBox
SetTextColor
GetDeviceCaps

advapi32

RegOpenKeyExW
RegCreateKeyExW
InitializeSecurityDescriptor
RegCloseKey
RegNotifyChangeKeyValue

Sections

.tjndyw
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cxcdvj
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wyalb
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54a00654c433fe0a9cfd95a9e859a171

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.tjndyw Size: 68KB - Virtual size: 66KB

.cxcdvj Size: 4KB - Virtual size: 1KB

.wyalb Size: 4KB - Virtual size: 22KB

.tjndyw
Size: 68KB - Virtual size: 66KB

.cxcdvj
Size: 4KB - Virtual size: 1KB

.wyalb
Size: 4KB - Virtual size: 22KB