07a49e5c247b2bcd4848d5a58ca950ab_JaffaCakes118

General

Target

07a49e5c247b2bcd4848d5a58ca950ab_JaffaCakes118
Size

356KB
MD5

07a49e5c247b2bcd4848d5a58ca950ab
SHA1

e3ec4aede10ad006157b30b4cf6f45b16fb33de4
SHA256

f429f69397bd7ad2d972a43bed55979452e2cd3ba3ad1c0de9d65913371db027
SHA512

787f9042e0aa2b785c94888b94a506b352c6e88b8d05e215afbc4163de29ac9bbabb849b75d2d90f8097f6ad459af07ed0bed46a9fa9d07e18e7ad6d38695ede
SSDEEP

6144:lyG2+5U7tBhjkxSxOx4W2nxePrKx9u8whCw67dKrqbmX8t2:gG2+58Bhjk8O4VADu9uCn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07a49e5c247b2bcd4848d5a58ca950ab_JaffaCakes118

Files

07a49e5c247b2bcd4848d5a58ca950ab_JaffaCakes118
.exe windows:25715 windows x86 arch:x86

57748fba36056dc35a680e687b7cf510

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation

advapi32

RegCloseKey
InitializeSecurityDescriptor
GetLengthSid
RegDeleteKeyW
InitializeSecurityDescriptor
GetTokenInformation

gdi32

LineTo
TextOutW
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetObjectW
DeleteObject
GetTextMetricsW
BitBlt
DeleteObject
GetDeviceCaps
DeleteDC
CreateCompatibleBitmap
SetBkMode
ExtTextOutW
PatBlt

kernel32

GetModuleHandleA
GetCurrentThreadId
GetCommandLineW
SetEvent
FreeLibrary
GetCurrentThreadId
WaitForSingleObject
GetModuleHandleA
VirtualAlloc
LocalFree
ExitProcess
WaitForSingleObject
lstrcmpiW
FormatMessageW
GetCurrentProcess
SetEvent
LocalAlloc

user32

DefWindowProcW
GetDlgItem
DestroyWindow
CreateWindowExW
DestroyWindow
DestroyWindow
GetWindowRect
PostMessageW
ShowWindow
SendMessageW
PostMessageW
GetDC
DestroyWindow
SetTimer
SendMessageW
GetWindowRect
LoadStringW
LoadStringW
PostMessageW
CreateWindowExW
LoadIconW
DefWindowProcW
SetCursor
PostMessageW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 321KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57748fba36056dc35a680e687b7cf510

Headers

File Characteristics

Imports

shell32

advapi32

gdi32

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 4KB

.edata Size: 321KB - Virtual size: 676KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 12KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 4KB

.edata
Size: 321KB - Virtual size: 676KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 12KB