fdcbe903aa76ad2192fc0fd16af71025_JaffaCakes118

General

Target

fdcbe903aa76ad2192fc0fd16af71025_JaffaCakes118
Size

68KB
MD5

fdcbe903aa76ad2192fc0fd16af71025
SHA1

323e4514df385e494dc907cfffb888f6bbecd561
SHA256

2dc9025dcbd696a8855c2e8a0f41e462f9a7da7a4dd8c88113c0eb4e8385c787
SHA512

5181f33852ddfc5cc0c3a8b0849f743cea938a51e03c38c2a9ae82979c2ee2223fb9cfb122a6f2211bdecc47c05acc05f494eec739590768ec0d92ba8c41a4d0
SSDEEP

1536:rDDXRntHODFTwlPBOsHcof7Gw0vkHDRDs32D:7XxtuDF+EiTGqDjD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdcbe903aa76ad2192fc0fd16af71025_JaffaCakes118

Files

fdcbe903aa76ad2192fc0fd16af71025_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b60cce5733bb6d260cf03588705be33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetLogicalDrives
CreateFileW
GetPrivateProfileStringW
MulDiv
CloseHandle
GetCurrentThreadId
FindNextChangeNotification
ReadProcessMemory
FileTimeToSystemTime
GetModuleHandleW
SetWaitableTimer
DeleteFileW
GetProcAddress
LoadLibraryA
LockResource
GetTickCount
lstrlenW
InterlockedIncrement
FindResourceW
SizeofResource

user32

GetParent
CreatePopupMenu
AppendMenuW
DrawTextW
VkKeyScanW
WindowFromPoint
GetKeyState
LoadBitmapW
GetMessageW
LoadImageW
SetCapture
DispatchMessageW
ReleaseCapture
DestroyMenu
IsWindow
GetWindowDC
SetForegroundWindow
IsDlgButtonChecked
LoadIconW
SetLayeredWindowAttributes
EnableWindow
ReleaseDC
SystemParametersInfoW
SetWindowPos

gdi32

DPtoLP
CreateCompatibleDC
CreateICW
LineTo
CreateSolidBrush
GetStockObject
SelectObject
BitBlt
CreateDCW

advapi32

RegNotifyChangeKeyValue
LookupPrivilegeValueW
SetSecurityDescriptorDacl
GetUserNameW
RegOpenKeyExW
InitializeSecurityDescriptor
RegQueryValueExW

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b60cce5733bb6d260cf03588705be33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB