f5693b682c442519765e3e5bc4b2d822_JaffaCakes118

General

Target

f5693b682c442519765e3e5bc4b2d822_JaffaCakes118
Size

56KB
MD5

f5693b682c442519765e3e5bc4b2d822
SHA1

d248c2ea4f60954bdd15d87d4934677354509662
SHA256

631f1ffcbf40a81f24da971bf7a632879432aaa2c3d7ef2e5ff279985b13eb41
SHA512

323ef3cbaf82a7d72e450f83066bebc59eb163c81b1ee8ea15e3b6aafca4f7629bf69065c2c25a82761d877716e8a756afce72a6eaba9d3b3c447f15639f5e25
SSDEEP

1536:zTrNQHtXqZPsQhZ7isDqclBXqvfJ01Ud:vryAZPsU8u/XqJKUd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5693b682c442519765e3e5bc4b2d822_JaffaCakes118

Files

f5693b682c442519765e3e5bc4b2d822_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27f8d2564401f0aed0ab1c41c97150f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LoadLibraryA
GetTickCount
WaitForMultipleObjects
FreeLibrary
CancelWaitableTimer
GetVersion
FindFirstFileW
DuplicateHandle
CreateFileW
FindResourceW
TerminateThread
CloseHandle
SetWaitableTimer
SetCurrentDirectoryW
VirtualFree
GlobalUnlock
CreateThread
SuspendThread
FindFirstChangeNotificationW
SetEvent
QueryDosDeviceW
GetLastError
GetProcAddress
GetCurrentProcessId
WritePrivateProfileStringW
ResumeThread
SetFilePointer
GetLogicalDrives

user32

EnableWindow
DialogBoxParamW
PostQuitMessage
CreateWindowExW
SetCursorPos
PostThreadMessageW
SetLayeredWindowAttributes
LoadImageW
OffsetRect
DrawTextW
EndDialog
GetWindowRect
WindowFromPoint
UpdateWindow
GetMessageW
SetWindowTextW
SendMessageW

gdi32

CreateDCW
SetMapMode
SetBkColor
CreateFontIndirectW
StretchBlt
CreateSolidBrush
SetBkMode
DPtoLP
SetTextColor
CreatePen

advapi32

RegCloseKey
SetSecurityDescriptorDacl

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27f8d2564401f0aed0ab1c41c97150f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1012B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1012B