0754977cf78c04f276612b123d024060_JaffaCakes118

General

Target

0754977cf78c04f276612b123d024060_JaffaCakes118
Size

64KB
MD5

0754977cf78c04f276612b123d024060
SHA1

e0ca98da41194cf0b974f537eb4df7e5c34e6345
SHA256

f437e5d3d12b1205d0478f8010bb3997674de4b884bc9fd48c0ecfc0c6e6ccf6
SHA512

0b63ff44c7c3483b06b568b1b7731a46744661f815982aece93c7065a5173c0d3dc9c3af7a387dc00282ba855cfd3f61972737b560aeeef55eedf863ebf6bbf1
SSDEEP

1536:wygs3cEtU5+SFPmyn2fVC3vIwwrs0oGImV8Hd4:7/U5+MmII0fss0o5d4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0754977cf78c04f276612b123d024060_JaffaCakes118

Files

0754977cf78c04f276612b123d024060_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef5ad40ae94273a60cd7ca7b161cc7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
Sleep
WaitForSingleObject
GlobalReAlloc
LoadLibraryA
GetProcAddress
lstrlenA
GlobalUnlock
GlobalFree
LocalFree
IsBadReadPtr
MultiByteToWideChar

user32

GetClassNameW
SystemParametersInfoA
GetWindowTextLengthW
GetMenu
SetRect
IsWindowVisible
GetNextDlgTabItem
GetIconInfo
GetSysColorBrush
SetWindowsHookExW
SetMenu
LoadStringW
wsprintfW
DestroyWindow
DeleteMenu
PostMessageW

gdi32

GetTextExtentPoint32W
PatBlt
SelectObject
GetTextMetricsW
CreatePolygonRgn
DeleteDC
CreateFontIndirectW
DeleteObject

advapi32

RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExA
RegSetValueExW

shell32

SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
SHGetSpecialFolderPathW
ExtractIconW

ws2_32

connect
WSAStartup
closesocket
recv
ioctlsocket
send
select
shutdown

msvcrt

vswprintf
wcsncpy
exit
toupper
iswdigit
realloc
malloc
swscanf
wcstol
wcscmp
wcsstr
free
wcstoul
wcsrchr
wcslen
wcscat
tolower
iswspace
wcschr
swprintf

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef5ad40ae94273a60cd7ca7b161cc7c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 25KB - Virtual size: 425KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 25KB - Virtual size: 425KB

.rsrc
Size: 19KB - Virtual size: 18KB