f50ae67cb117759a22dff14d35673064_JaffaCakes118

General

Target

f50ae67cb117759a22dff14d35673064_JaffaCakes118
Size

444KB
MD5

f50ae67cb117759a22dff14d35673064
SHA1

724d031f75d4ca21a430b7f3c1e0054ad8fab0b3
SHA256

633e0850936c844c6012982e5873c2263d5dee977bfe597718ff7f9cbc188633
SHA512

5d50e8fe4aac1d2c68789bbfa46d1a9ff719891706d74ce95394016d71b44249574ce3909a8e0b22c60aae553a4d43a6e052f85b7f8af2d30a293da9fae64b8c
SSDEEP

6144:btkAgvTV1tji66Xq/kFiLfHd+roYTp14ifr7lbwsCZI8LnzAjTEK70k/NLUZZ98j:qAkTbUY/k4LcroYz4AbVCvkkKD/NI6j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f50ae67cb117759a22dff14d35673064_JaffaCakes118

Files

f50ae67cb117759a22dff14d35673064_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66d2187892cb92af3951b5bfd237fcbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
RtlMoveMemory
RtlZeroMemory
MulDiv
lstrcpynA
CloseHandle
LoadResource
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetFileSize
GetCommandLineA
FreeResource
FindResourceA
ExitProcess
CreateFileA
SizeofResource

user32

SetCapture
SetCursor
SetForegroundWindow
SetTimer
SetWindowLongA
ReleaseDC
ShowCursor
ShowWindow
TranslateMessage
UnregisterClassA
UpdateWindow
SetWindowPos
ReleaseCapture
RegisterClassExA
PostMessageA
MessageBoxA
LoadIconA
LoadCursorA
KillTimer
InvalidateRect
GetWindowLongA
GetMessageA
GetDC
GetCursor
GetClientRect
GetCapture
FillRect
EnumDisplaySettingsA
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
BeginPaint
PostQuitMessage

shell32

ShellExecuteA

gdi32

BitBlt
ExcludeClipRect
GetDeviceCaps
GetStockObject
SelectObject
SetBkColor
StretchBlt
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
DeleteObject

ole32

CoTaskMemAlloc
CoUninitialize
CreateStreamOnHGlobal
CoInitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 217KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66d2187892cb92af3951b5bfd237fcbb

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

ole32

oleaut32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 144B

.rsrc Size: 217KB - Virtual size: 220KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 144B

.rsrc
Size: 217KB - Virtual size: 220KB