de4518e48f68cbd81c3401761f1e7ad6_JaffaCakes118

General

Target

de4518e48f68cbd81c3401761f1e7ad6_JaffaCakes118
Size

139KB
MD5

de4518e48f68cbd81c3401761f1e7ad6
SHA1

3283eaaa79eb261d62c1f53d4e271946a4db6466
SHA256

1c6d413e177aede6d1f15b72c6e403bf9736e6061da684b13dada7a0238ecc7c
SHA512

2a3f86746cddd748a78cec96cdcd9a6bb0db5be5250f981c486a77545e8b51bc2846b7e88abed6812b6f522f15f955ffed413fbd7508141d8caf94a12aff0721
SSDEEP

3072:fhMwyhbFShpxfU0Cjhr76XPlq+W2AMBODIGXF1iVtE8iBa8xkk5QKa:fMhghpxM0Ih/Ok+VFBODHxBKkSZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de4518e48f68cbd81c3401761f1e7ad6_JaffaCakes118

Files

de4518e48f68cbd81c3401761f1e7ad6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b171afb3a69041cd4a41813da81cfd03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileAttributesW
_llseek
IsBadReadPtr
GetNumberFormatA
VirtualAlloc
CreateSemaphoreW
GetUserDefaultLangID
GetModuleHandleA
GetSystemDefaultLCID
GetVersion
_lwrite
GetEnvironmentVariableW
GetModuleFileNameA
LocalAlloc
GetSystemDefaultLangID
CompareFileTime
GetSystemDefaultUILanguage
ChangeTimerQueueTimer
LocalSize
Sleep
DeleteFileW

user32

CharNextA
SetForegroundWindow
LoadCursorA
InvalidateRect
PeekMessageW
KillTimer
SetDlgItemTextA
GetDlgItemTextW
GetWindowLongW
SetTimer
BeginPaint
SendMessageA
GetSysColor
GetParent
GetDC
IsWindow
GetWindowLongA
GetSysColorBrush
LoadIconA
SetCursor
IsCharLowerA
PeekMessageA
CharNextW
GetFocus
GetDlgItemTextA
wsprintfA
CharNextExA
CreateWindowExA
DialogBoxParamW
SetWindowLongW
GetSystemMetrics
SetWindowLongA
PostMessageW
CharPrevA
DefWindowProcW
TranslateMessageEx
LoadCursorW
SendDlgItemMessageW
EndPaint

gdi32

CreatePen
MoveToEx
GetTextMetricsA
GetObjectW
FrameRgn
CreateDCW
CreatePatternBrush
OffsetRgn

advapi32

RegSetValueExW
RegQueryMultipleValuesA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b171afb3a69041cd4a41813da81cfd03

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 63KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 63KB

.rsrc
Size: 7KB - Virtual size: 7KB