f9b0c11fdbe5f16ee456841c04f3fcc4_JaffaCakes118

General

Target

f9b0c11fdbe5f16ee456841c04f3fcc4_JaffaCakes118
Size

315KB
MD5

f9b0c11fdbe5f16ee456841c04f3fcc4
SHA1

9161c2071c5ba8f3f6095ca27e11ff14d1aa478a
SHA256

907a8b1006c6a11fe6e5305e8cb51366df57f3a53e9ca2ec73bf1f2fa60acc14
SHA512

b51064d189f6aa0a60b2ad0f78ddcfa3f96b8ff0bdce1722968bd285e2b9c2c4c1a4e0d070ccdfcf4d0538d26fe5638d6df72ab312a301d6e8a16e974d3a6089
SSDEEP

6144:uOE0h5bSfsavGRhMpE7jQF7ryMF3QAfEqhEzartSChJzuR4ybciH0C:vCsae0E7jQpryMKXWpJzJiH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9b0c11fdbe5f16ee456841c04f3fcc4_JaffaCakes118

Files

f9b0c11fdbe5f16ee456841c04f3fcc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acf996e491deb18cba82ced473ca6fb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

CharNextW
MessageBoxA
EndDialog
RegisterClassA
FindWindowA
TrackPopupMenuEx
DialogBoxParamA
TranslateAcceleratorA
ClientToScreen
CharPrevW
CreateDialogIndirectParamA
LoadStringA
IsWindowVisible
wsprintfA
GetWindowLongA
EnumWindowStationsW
GetClientRect
CreateWindowExA
LoadCursorA
GetWindowTextA
SetRectEmpty
EnableMenuItem
GetWindowTextLengthA
SendMessageA
GetParent
InvalidateRect

kernel32

GetCurrentThreadId
HeapFree
lstrcatA
FindResourceA
lstrcpyA
FlushFileBuffers
lstrlenA
LockResource
HeapAlloc
ExitProcess
EnterCriticalSection
GetProcessHeap
LeaveCriticalSection
lstrlenW
IsBadWritePtr
WideCharToMultiByte
LoadResource
HeapReAlloc

advapi32

RegEnumValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA

secur32

GetUserNameExW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateOleAdviseHolder

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acf996e491deb18cba82ced473ca6fb3

Headers

File Characteristics

Imports

user32

kernel32

advapi32

secur32

ole32

Sections

.text Size: 206KB - Virtual size: 206KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 101KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 74KB

.text
Size: 206KB - Virtual size: 206KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 101KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 74KB