f9f52a1269c9577937cb222ac8037214_JaffaCakes118

General

Target

f9f52a1269c9577937cb222ac8037214_JaffaCakes118
Size

568KB
MD5

f9f52a1269c9577937cb222ac8037214
SHA1

63d8fc56792332a69b844101ee4c4a1b58608e2d
SHA256

2c69ee71a37c1e3e195ba454e6728da0f41fc16c173a056df99916ceb5b51e41
SHA512

36bcafb61e105ce2a36e9509b374b95cfd8b15dd20ff31ebf40b6a691c7f7bf494fbdd12deac202e33bd23f325e9b5e6e6a7634f20e124ba6319b9d88b95fe16
SSDEEP

6144:VdjTOk2ikl/LmnxyJjvRn9tAdadrEhcVKFNTOYNSeA/GjaMwZTazWXzkYdehtXIT:fObZ5ayNl/9ucVJYNSegGjzs4x/Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9f52a1269c9577937cb222ac8037214_JaffaCakes118

Files

f9f52a1269c9577937cb222ac8037214_JaffaCakes118
.exe windows:4 windows x86 arch:x86

036d9e31065a0212485cef5d98e76f5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
RegisterClassA
LoadIconA
LoadCursorA
FindWindowA
SetForegroundWindow
GetSystemMetrics
UpdateWindow
ShowWindow
GetMessageA
MessageBoxW
DestroyWindow
PostQuitMessage
CreateWindowExA
SetFocus
PostMessageA
SendMessageA
DefWindowProcA

kernel32

LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
MultiByteToWideChar
HeapFree
VirtualFree
HeapCreate
GetStartupInfoA
CreateFileMappingA
CreateFileA
ExitProcess
GetTickCount
GetLastError
GetModuleHandleA
LCMapStringA
LCMapStringW
GetStringTypeA
RtlUnwind
GetStringTypeW
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetStdHandle

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoInitialize
CoUninitialize
CoCreateInstanceEx

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

036d9e31065a0212485cef5d98e76f5f

Headers

File Characteristics

Imports

user32

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 344KB - Virtual size: 340KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 40KB - Virtual size: 42KB

.rsrc Size: 112KB - Virtual size: 110KB

.text
Size: 344KB - Virtual size: 340KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 40KB - Virtual size: 42KB

.rsrc
Size: 112KB - Virtual size: 110KB