053eaf397704d9344c21b8978cdb3580_JaffaCakes118

General

Target

053eaf397704d9344c21b8978cdb3580_JaffaCakes118
Size

273KB
MD5

053eaf397704d9344c21b8978cdb3580
SHA1

a4b49d17cd617fe9bf1743d8bb75b0126288f274
SHA256

85aa074bfff33c4177f3853f09425d0a94524d2131ff40d4b245f558c01dc303
SHA512

b27be186accc76049e3012d9a9441f881b0a4372fe1ab8634fc8123ff63249985a8482b04f49349682f576eb4978f583e3b4eb0bf195ba2fc1a69b839223b336
SSDEEP

6144:b2MhxQrnjJJ04zMFlRxHl86Jv9g904a6QN1pllbdwkC2Vb/CxQI:bnxWjX+7LJ6C4yNLllb6kdluQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
053eaf397704d9344c21b8978cdb3580_JaffaCakes118

Files

053eaf397704d9344c21b8978cdb3580_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2389e9a6362231aa37638b23d2121174

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
Sleep
HeapAlloc
HeapFree
GetProcessHeap
LocalFree
LocalAlloc
GetModuleHandleA
GetStartupInfoA

user32

SetMenuItemInfoA
BeginDeferWindowPos
GetMenuItemInfoA
GetMessageTime
DeferWindowPos
ScrollWindow
GetDlgCtrlID
GetSysColor
DrawTextW
CreateWindowExW
LockWindowUpdate
GetKeyNameTextA
GetWindowTextA
GetWindowTextLengthA
RegisterClassExA
GetClassInfoExA
DrawIcon
SetForegroundWindow
GetClipboardData
IsClipboardFormatAvailable
LoadIconA
GetMessageW
TranslateMessage
DispatchMessageW
WindowFromPoint
MapDialogRect
SetCapture
ReleaseCapture
IsWindowEnabled
GetClassNameA
EndDeferWindowPos
SetScrollInfo

msvcrt

memmove
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
setbuf
malloc
free
fopen
fseek
fread
fwrite
fclose
strncmp
time
exit
wcslen
atoi
strchr
_onexit

Exports

Exports

WzxxQd

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2389e9a6362231aa37638b23d2121174

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 135KB - Virtual size: 134KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 25KB - Virtual size: 216KB

.rsrc Size: 1024B - Virtual size: 584B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 135KB - Virtual size: 134KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 25KB - Virtual size: 216KB

.rsrc
Size: 1024B - Virtual size: 584B

.reloc
Size: 6KB - Virtual size: 6KB