f65c252684785a52bdcdfb0c0d26e31a_JaffaCakes118

General

Target

f65c252684785a52bdcdfb0c0d26e31a_JaffaCakes118
Size

861KB
MD5

f65c252684785a52bdcdfb0c0d26e31a
SHA1

6b273063ec802c4d97719b08940e17ab16d6a2ce
SHA256

b57eaa5862d18f955641fcb95f4549fa7308da6349656e345dc14764a1ed26a8
SHA512

3ca7f95dc06b48818e68ca76d92c4ba553d9da7abcf188fd4f8cf772fab5ae68bc7793a700e267b5a82021404109b3fd74d9a7191e7d96ddef6182fe87627e41
SSDEEP

24576:87LeidqieQ8tSiLO049f3XiO2Z4ZWGD96:87LvqieQ8t404p3XCm9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f65c252684785a52bdcdfb0c0d26e31a_JaffaCakes118

Files

f65c252684785a52bdcdfb0c0d26e31a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

217e7e5ae3fe610989161d7c0acb74f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageW
CreatePopupMenu
MessageBeep
FillRect
GetDC
GetSysColorBrush
SetWindowPlacement
TrackPopupMenu
EnumChildWindows
CheckDlgButton
ReleaseCapture
RegisterClassExW
SystemParametersInfoW
CallWindowProcA
DialogBoxParamA
DrawTextA
MoveWindow
IsChild
ShowWindow
EnumThreadWindows

kernel32

GetFileAttributesW
DeleteCriticalSection
lstrlenW
LCMapStringW
FindFirstFileA
FindNextFileW
lstrcpynA
GetTempFileNameW
GetStringTypeW
SetThreadPriority
GlobalFree
SetEvent
GetCurrentThread
SetCurrentDirectoryA
lstrcpyA
HeapFree
MoveFileExW
WriteFile
DeleteFileW
EnterCriticalSection
GetFullPathNameA
VirtualAlloc
LockFile
LoadLibraryA
LockResource
SetStdHandle
TlsAlloc
InterlockedExchange
OpenEventW
ExitThread
GetEnvironmentStringsA
LeaveCriticalSection
DuplicateHandle
MoveFileA
FormatMessageA
GetFileSize
GetDiskFreeSpaceA
LocalReAlloc
GetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetShortPathNameW

advapi32

ReportEventW
RegEnumKeyExW
GetLengthSid
CloseServiceHandle
GetTokenInformation
QueryServiceStatus
RegCreateKeyW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

217e7e5ae3fe610989161d7c0acb74f4

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 683KB - Virtual size: 682KB

.data Size: 2KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 683KB - Virtual size: 682KB

.data
Size: 2KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB