e24a087a48e74849eb24562452475f29_JaffaCakes118

General

Target

e24a087a48e74849eb24562452475f29_JaffaCakes118
Size

94KB
MD5

e24a087a48e74849eb24562452475f29
SHA1

28b6a6f666557de3a4faf1777cb7d6204139355d
SHA256

ba7db2faffbfff6db84f7d251e6ca69ce307db0219a2b940b0e041caa2c1e367
SHA512

44c834311ef262f0415bc6044b934812928439052f9925e4d163cda415317bcc01672f41de1972bc5ff464dfc5d7e99b4d3c1a4b65188da89bef175ebb303229
SSDEEP

1536:Rsv85V0CDIDbMQ1lxDr+KvbfXGN6PyO1BFJV7su83E/xTX2C9GbHGm8e//8M:RO8nHYMQxCKbR6yJV7f3/Nx9G7GE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e24a087a48e74849eb24562452475f29_JaffaCakes118

Files

e24a087a48e74849eb24562452475f29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0cd80bbfe9071558e61923dad2375e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColor
ShowWindow
SetWindowTextW
PeekMessageA
ReleaseDC
GetSysColorBrush
GetDlgItem
DispatchMessageA
GetFocus
SetDlgItemTextW
PostQuitMessage
CreateWindowExA
MessageBoxA
CharNextExA
LoadIconW
EnableWindow
SendDlgItemMessageW
KillTimer
InvalidateRect
LoadIconA
SendMessageA
IsCharLowerA
GetWindowLongW
GetMenuItemCount
CreateWindowExW
LoadCursorA
EndPaint
DialogBoxParamA
CharPrevExA
GetWindowLongA
SetTimer
SetDlgItemInt
GetDlgItemTextA
EndDialog
GetSystemMetrics
PeekMessageW
GetDlgItemInt
AppendMenuA
GetClientRect
DefWindowProcW
CreateMenu

kernel32

GetFullPathNameW
GetSystemDefaultLangID
SleepEx
GetCurrencyFormatW
_hwrite
GetStartupInfoW
DeleteFileW
ConvertDefaultLocale
GetSystemDefaultLCID
CreateMutexW
TerminateThread
DosDateTimeToFileTime
GetModuleHandleW
GetMailslotInfo
GetCommandLineW

ntdll

NtRequestWaitReplyPort
RtlConvertUlongToLargeInteger
RtlStartRXact
ZwOpenKey
ZwReadFile
NtQueryDebugFilterState
ZwLockFile
ZwAllocateVirtualMemory
NtPrivilegeObjectAuditAlarm

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0cd80bbfe9071558e61923dad2375e2

Headers

File Characteristics

Imports

user32

kernel32

ntdll

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 38KB - Virtual size: 48KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 38KB - Virtual size: 48KB

.rsrc
Size: 6KB - Virtual size: 5KB