072870753569d4c8ae425d40e0eddac6_JaffaCakes118

General

Target

072870753569d4c8ae425d40e0eddac6_JaffaCakes118
Size

298KB
MD5

072870753569d4c8ae425d40e0eddac6
SHA1

de5377bb8410691e90c01bb560799eb9cb844c1c
SHA256

e8cf21831c5a7a964dc10caea959500a1f6e355368ecfb5ac756ce131e161def
SHA512

092271d30e906e89851784eea33e4a778bba8290c004337fe66bdb6eb954ffc8c4bc731dea12d9b49427b3eea4d70ca8e8f66d30012a88d7fab8371757a27e39
SSDEEP

3072:hvARIk4G6l7JBuOONOs6rgHc5VcEFFLaD2cfUsTiyuy6iu95KCJQwvNy3eGy6mn:hv/kn8JBuKs6Fc2ZaDMVyhA5NJkuGvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
072870753569d4c8ae425d40e0eddac6_JaffaCakes118

Files

072870753569d4c8ae425d40e0eddac6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

958cd664dcd3198e004a1b06c05d801b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetOEMCP
GetCurrentThread
CloseHandle
CreateEventA
DeviceIoControl
DuplicateHandle
ExitProcess
FormatMessageA
GetCommConfig
VirtualAlloc
GetCurrentProcess
GetLastError
GetModuleHandleA
GetOverlappedResult
GetTickCount
LocalFree
OpenProcess
WaitForSingleObject
lstrcpyA
lstrlenA
GetStartupInfoA
GetProcessHeap
GetCommandLineA
ReadFile

user32

DestroyWindow
DestroyIcon
GetDC
GetDlgItem
GetMessageA
GetWindowRect
GetWindowTextA
IsDialogMessageA
KillTimer
LoadBitmapA
LoadImageA
LoadStringA
PostQuitMessage
RegisterClassA
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
wsprintfA
DefWindowProcA
CreateDialogParamA
LoadIconW
LoadIconA
LoadCursorA
DispatchMessageA

gdi32

GetStockObject

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

958cd664dcd3198e004a1b06c05d801b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 252KB - Virtual size: 252KB

.data2 Size: 512B - Virtual size: 200B

.rsrc Size: 1024B - Virtual size: 776B

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 252KB - Virtual size: 252KB

.data2
Size: 512B - Virtual size: 200B

.rsrc
Size: 1024B - Virtual size: 776B