ec0e55d0b24ddb7b29e929ac9b5af539_JaffaCakes118

General

Target

ec0e55d0b24ddb7b29e929ac9b5af539_JaffaCakes118
Size

134KB
MD5

ec0e55d0b24ddb7b29e929ac9b5af539
SHA1

3c1a4ddc435cfed885f6d02ab8d794ac638bb39b
SHA256

0a0888361bc62b32037678007dd7c593d81215b823c71afdc32d785691847b96
SHA512

904df3a3b45bccee77e276572790b660467c17dae7d1c4dc4bff7b94664489314ea3a44c7a8c14850f0a94054546735d6b1e45f4449b184abf97a80503d4fc34
SSDEEP

3072:WQx8GoY9qwyy9RpJyTCrTbyl1zIEzsS+tV0MzOAfPd3:6GrThETiHynIE9qVPiAt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec0e55d0b24ddb7b29e929ac9b5af539_JaffaCakes118

Files

ec0e55d0b24ddb7b29e929ac9b5af539_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b124867ff5a99056968ef6d5b67631c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
GetTempPathA
VirtualAllocEx
WaitForMultipleObjects
GetModuleFileNameW
GetFileAttributesExA
lstrcpynA
GetComputerNameW
GlobalAlloc
GetCommandLineA
GetMailslotInfo
GlobalLock
ExitProcess
GetVersionExA
ReleaseMutex
IsBadStringPtrW
GetModuleFileNameA

user32

GetDlgItemTextA
GetDesktopWindow
DispatchMessageA
DefWindowProcA
CharPrevA
DefWindowProcW
SendDlgItemMessageA
DestroyWindow
DialogBoxParamW
LoadCursorA
GetClientRect
CharNextExA
SetForegroundWindow
SetWindowLongA
PostMessageA
MessageBoxA
GetDC
GetFocus
PeekMessageA
KillTimer
SetWindowTextW
DialogBoxParamA
SendMessageA
IsWindow
IsWindow
CreateWindowExA
SetWindowTextA
SetDlgItemInt
GetWindowLongA
GetWindowLongW
GetSystemMetrics
InvalidateRect
LoadIconW
GetDlgItemInt
GetSysColorBrush
IsCharLowerA
CharNextW
LoadIconA
PeekMessageW
LoadStringA
SendMessageW
ShowWindow
ReleaseDC
CharPrevW

gdi32

CombineRgn
CreateCompatibleBitmap
SetRectRgn
MoveToEx
CreateBrushIndirect
CreatePenIndirect
CreatePen
SetWindowOrgEx
GetBkMode

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b124867ff5a99056968ef6d5b67631c6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 88KB

.rsrc Size: 6KB - Virtual size: 5KB

.xdata Size: 1024B - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 88KB

.rsrc
Size: 6KB - Virtual size: 5KB

.xdata
Size: 1024B - Virtual size: 4KB