0503aae4ec05d9c193f80514794b8395_JaffaCakes118

General

Target

0503aae4ec05d9c193f80514794b8395_JaffaCakes118
Size

148KB
MD5

0503aae4ec05d9c193f80514794b8395
SHA1

ad7e28ee92134bc546ed5b438bc2f2a28d1e851d
SHA256

ee7fd46c8702d64935c10c184d075c6515156ec716445aca448a687411b9dd1a
SHA512

0ee0b4d02e98e0c7f8d1854c8eaab0e6f82e0497fd09def3898c73d854a9b17d1c320d0fb07c113ae5bff3b5381b949e9d11055b1b00ff85e59bcb6daa0e74c8
SSDEEP

3072:uCoV0uyTwEwc1Iq+p/xwnvnd6fqXWIpRd:m01rJIq+pZwn/UiGIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0503aae4ec05d9c193f80514794b8395_JaffaCakes118

Files

0503aae4ec05d9c193f80514794b8395_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a19ecbb8c1ee1a5bec391cda576020e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetStartupInfoA
ExitProcess
FindResourceA
CreateFileA
VirtualAlloc
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetVersion
VirtualAllocEx
SetEndOfFile
LocalFree
MoveFileA
GetOEMCP
InitializeCriticalSection
GetProcessHeap
lstrlenA
LoadLibraryExA

user32

DrawMenuBar
GetMenuItemInfoA
MessageBoxA
EnumThreadWindows
GetSysColor
CreateWindowExA
DrawFrameControl
DrawIcon
SetWindowTextA
DrawEdge
CreatePopupMenu
BeginDeferWindowPos
EndDeferWindowPos
SystemParametersInfoA
DefMDIChildProcA
GetMenuState
RegisterClassA
FrameRect

comdlg32

GetOpenFileNameA

ole32

StringFromIID
CoCreateGuid
CoGetMalloc
WriteClassStm
CreateOleAdviseHolder
CoUnmarshalInterface

advapi32

RegDeleteValueA

msvcrt

atol
time
sprintf
wcscspn
exit
swprintf
rand
memcpy
tolower
sqrt
calloc
memmove
memset

Sections

BSS
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 115KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 299B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a19ecbb8c1ee1a5bec391cda576020e3

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

advapi32

msvcrt

Sections

BSS Size: 26KB - Virtual size: 26KB

DATA Size: 115KB - Virtual size: 203KB

.tls Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 299B

.data Size: 512B - Virtual size: 480B

BSS
Size: 26KB - Virtual size: 26KB

DATA
Size: 115KB - Virtual size: 203KB

.tls
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 299B

.data
Size: 512B - Virtual size: 480B