09526fa3ca8969431e40a6880b26e988_JaffaCakes118

General

Target

09526fa3ca8969431e40a6880b26e988_JaffaCakes118
Size

73KB
MD5

09526fa3ca8969431e40a6880b26e988
SHA1

72e03c02336b724f129e1f12255c73710a04b6e2
SHA256

4631afccce0416d94d6131367a3e95e56686477fe667aea4d046c2f436982597
SHA512

97b6385ce91c27941c57dc2d1f1b76051b04f39238c92458f13f13be9d36cdf52e026286fe03f634adce1331ab7d7b027bf613c0d133d1deaa8a7ae535428355
SSDEEP

1536:LWuHqyv/kt477ql3qqVJQJzyYgfsFCRtVJqllggbmXg:LLKyv/ktW7oVIyYgMiHbgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09526fa3ca8969431e40a6880b26e988_JaffaCakes118

Files

09526fa3ca8969431e40a6880b26e988_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7c4cfca9c8bf78a5716bba5b7e9ac80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
ExitProcess
GetCommandLineW
GetFileAttributesA
GetCommandLineW
lstrcpynA
GetCommandLineW
GetStringTypeW
GetCommandLineW
GetLogicalDrives
GetCommandLineW
GetModuleFileNameA
GetCommandLineW
GetLocalTime
GetCommandLineW
GetOEMCP
GetCommandLineW
DeleteFileA
GetCommandLineW
WideCharToMultiByte
GetFileType
ExitProcess
GetModuleHandleA
GetStringTypeW
lstrcatA
GetModuleFileNameA
GetOEMCP
GetStringTypeA
lstrcmpiA
lstrcpyA
GetFileAttributesA
GetLastError
GetLocalTime
FreeLibrary
WideCharToMultiByte
GetLogicalDrives
GetCommandLineA
GlobalFree
Sleep
lstrcmpA
HeapAlloc
lstrcmpA
GetFileSize
lstrcmpiA
Sleep
GetCommandLineW
FreeLibrary
DeleteFileA
GetFileAttributesA
GetCPInfo
lstrcatA
GetOEMCP
GlobalFree
GetLocalTime
GetCommandLineA
GetStringTypeW
HeapFree
lstrcpyA
GetStringTypeA
WideCharToMultiByte
lstrcpynA

user32

CalcMenuBar
GetDC
LoadMenuA
CopyRect
CopyImage
AlignRects
DialogBoxParamW
GetMenu
DrawTextA
GetWindowTextA
DrawIcon
IsWindow
IsMenu
GetFocus
EndDialog
GetCursor
IsMenu
GetWindowTextA
DrawTextA
CloseWindow
CopyImage
CreateIcon
DialogBoxParamW
EndDialog
GetDC
GetCursor
GetMenu
GetFocus
LoadMenuA
BlockInput
AlignRects
CalcMenuBar
LoadCursorA

Sections

.tdat
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eddaa
Size: 5KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bas
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7c4cfca9c8bf78a5716bba5b7e9ac80

Headers

File Characteristics

Imports

kernel32

user32

Sections

.tdat Size: 15KB - Virtual size: 14KB

.rdata Size: 47KB - Virtual size: 47KB

.eddaa Size: 5KB - Virtual size: 48KB

.bas Size: - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

.tdat
Size: 15KB - Virtual size: 14KB

.rdata
Size: 47KB - Virtual size: 47KB

.eddaa
Size: 5KB - Virtual size: 48KB

.bas
Size: - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB