fbceaacd36f7dfe962f052a382c52c53_JaffaCakes118

General

Target

fbceaacd36f7dfe962f052a382c52c53_JaffaCakes118
Size

60KB
MD5

fbceaacd36f7dfe962f052a382c52c53
SHA1

e2cec7c1f9a8d1e811527fd8df499b516dfcafb2
SHA256

76b9c959924e5137afce09d28eee333b439fa51ec0dd80d0d6186907278a6ca7
SHA512

4f69ccc5f180a0e2f5c93fe7374062dc455469940579e816f9f1950bc08a556037c2ddbbe650a59ecfa4b83d38d022174f9c2de21208fb32a79c75c3949e8a16
SSDEEP

1536:6VsjgjD/+OkLF1hQFbZWshyhdHbMsUNP:6VWOTiibk/nW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbceaacd36f7dfe962f052a382c52c53_JaffaCakes118

Files

fbceaacd36f7dfe962f052a382c52c53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

365551f367d7c08ab5b4bf94ff18889d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadResource
SetLastError
ResumeThread
SetThreadPriority
GetFileAttributesExW
GetTickCount
FreeLibrary
WideCharToMultiByte
CreateProcessW
FindResourceExW
LoadLibraryA
GlobalUnlock
GetSystemTime
FreeResource
FindClose
SetCurrentDirectoryW
VirtualFree
CreateEventW
GlobalAlloc
GetCurrentThread
GlobalDeleteAtom
FindNextFileW
GlobalAddAtomW
SetWaitableTimer
GetProcAddress
SetEvent

user32

SetWindowPos
GetClassNameW
DefWindowProcW
DrawTextW
GetWindowRect
LoadIconW
GetSystemMetrics
InvalidateRect
GetWindowDC
SetCursorPos
IsWindow
PostQuitMessage
GetCursorPos
TranslateMessage
LoadStringW
SystemParametersInfoW
DestroyIcon
CreateWindowExW
GetKeyState
IsDlgButtonChecked
DispatchMessageW

gdi32

GetDeviceCaps
GetClipBox
CreateCompatibleBitmap
CreateRoundRectRgn
StretchBlt
SetTextColor
CreateICW

advapi32

GetUserNameW
RegNotifyChangeKeyValue
SetSecurityDescriptorDacl
RegCreateKeyExW
LookupPrivilegeValueW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

365551f367d7c08ab5b4bf94ff18889d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1004B

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1004B