0727e0fd97fd2793975100488f4a0ddd_JaffaCakes118

General

Target

0727e0fd97fd2793975100488f4a0ddd_JaffaCakes118
Size

150KB
MD5

0727e0fd97fd2793975100488f4a0ddd
SHA1

086765fce537fd0124c4c3ec44193cb3da046820
SHA256

c6f80884a9223a772643de57ee8a63245a1835e405f56878590f3cf9d248e7cc
SHA512

78538fba91f05b6b5bd3a9bfa2d1cb2e75206cd283c6471deaf576988259b82edf9a9d9ec1bd06a52b7c9864dddc43f6a6e06e929b98d81c14fdda7645ab950f
SSDEEP

3072:c/dkg11H9+3u9KQeaK5DssPtb/cX9TWbS+hONCDxKxAYjgS:FgzH9iFQet5wsR/M9TW2cDxKsS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0727e0fd97fd2793975100488f4a0ddd_JaffaCakes118

Files

0727e0fd97fd2793975100488f4a0ddd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd27b5175e03eef186d81789ce93be80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
MoveFileExA
ReadFile
GetDiskFreeSpaceA
EnterCriticalSection
GetLocalTime
GetCurrentProcess
lstrlenA
ExitProcess
CloseHandle
GetSystemDefaultLangID
GetFullPathNameA
GetCurrentProcessId
LocalReAlloc
FreeResource
GetProcAddress
GlobalAddAtomA
SetErrorMode
EnumCalendarInfoA
GlobalAlloc
FindResourceA
GetCommandLineA
WaitForSingleObject
GlobalFindAtomA
HeapAlloc
GetACP
WriteFile
VirtualAlloc
GetTickCount
GetCurrentThread
GetFileAttributesA
lstrcatA
SetEndOfFile
Sleep
lstrcpynA
LocalAlloc
DeleteFileA
LockResource
MoveFileA
GetOEMCP
LocalFree
LoadLibraryExA

user32

GetScrollRange
SetWindowPos
DispatchMessageW
IsWindowVisible
CallWindowProcA
GetCapture
CreateMenu
GetMenuStringA
CallNextHookEx
EnumThreadWindows
EndDeferWindowPos
CreatePopupMenu
MessageBoxA
SetWindowLongA
GetDesktopWindow
EqualRect
EndPaint
CreateWindowExA
CharLowerBuffA
GetClassLongA
CheckMenuItem
IsChild
GetParent
DrawEdge

ole32

MkParseDisplayName
OleRun
CreateBindCtx
WriteClassStm
CoReleaseMarshalData
CoDisconnectObject
CoUninitialize
CreateOleAdviseHolder

Sections

CODE
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 137KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bd27b5175e03eef186d81789ce93be80

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

CODE Size: 9KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 2KB

DATA Size: 137KB - Virtual size: 240KB

BSS Size: 512B - Virtual size: 386B

CODE
Size: 9KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 2KB

DATA
Size: 137KB - Virtual size: 240KB

BSS
Size: 512B - Virtual size: 386B