03bbca4293cc429187cbbe9240173f78_JaffaCakes118

General

Target

03bbca4293cc429187cbbe9240173f78_JaffaCakes118
Size

73KB
MD5

03bbca4293cc429187cbbe9240173f78
SHA1

c861e71295e9adabfedd6e1e8a62906dd668d54e
SHA256

e4ab8e0ab4b950cb0ecef8737c56981123f3f8848b843d265c70b745a869ed57
SHA512

0057afd79aef54cf794fe490f7f7e065285e6721a481c543b2f6e8cd798cb66d6bc46278cc3c1d8c273dae87fee55b92e5141abee572b9e66d99c38558cd1452
SSDEEP

1536:sIUssuqjvW8iW0/q1BXfV7kh36uGJTXJCz/xu0vQzAx78BieluRaG8Jyhx36:Js1jWaLusJTBzAx78NiaG8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03bbca4293cc429187cbbe9240173f78_JaffaCakes118

Files

03bbca4293cc429187cbbe9240173f78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5d032865c24676eba41f56b65f6c8df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
GetLastError
FindClose
CreateFileA
GetModuleHandleA
LocalAlloc
GetFullPathNameW
FileTimeToDosDateTime
VirtualAlloc
OutputDebugStringA
VirtualProtect
GetLastError
GetCurrentDirectoryA
CreateEventA
TlsFree
LoadLibraryA
ExitProcess
LoadResource
GetModuleHandleW
InterlockedExchange
FatalAppExitW
DisableThreadLibraryCalls

msvcrt

_close
iswpunct
__iscsymf
__RTCastToVoid
iswalpha
getchar
_strnset
memcpy
__lconv_init
_ismbstrail
_ismbcl1

user32

GetMessageW
DialogBoxParamW
GetDlgItem
LoadStringW
SetWindowPlacement
DrawTextW
RegisterClassExW
GetMonitorInfoW
MoveWindow
MessageBeep
ModifyMenuA
GetWindowTextW
ShowWindow
DestroyWindow
EndDialog
GetClassNameW
MapVirtualKeyA
LoadStringA
AppendMenuW
EqualRect
GetClipboardData

gdi32

MoveToEx
LineTo
GetTextFaceW
SetRectRgn
CreatePatternBrush
SetTextColor
GetDIBits
GetStockObject

opengl32

glScissor
glFogfv
glVertex3sv
glRecti
glPixelTransferf
glGetTexGendv

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5d032865c24676eba41f56b65f6c8df

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 512B - Virtual size: 76B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 512B - Virtual size: 76B