0a76780f2603a74c64966aa2cc875129_JaffaCakes118

General

Target

0a76780f2603a74c64966aa2cc875129_JaffaCakes118
Size

477KB
MD5

0a76780f2603a74c64966aa2cc875129
SHA1

1d89e4609dce6c3a5a2ad1b615cf9659dcdbd625
SHA256

63793335f52636a95369c3a39662c5141f492d6b966a6b7e492bccb907126303
SHA512

439a286c23fab0f20dd5d20d5038fcdf0dcf8685be404bc171b37ec57284697591468ef189e42f842fe93bfd9aaf9eb860b762e745cdaae4ee9030f0b0a87019
SSDEEP

12288:4QH/fBaFSI3qSMwThxVy24nNw9D/tDr54Z:4QH/fBan3DMwFZD/Zr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a76780f2603a74c64966aa2cc875129_JaffaCakes118

Files

0a76780f2603a74c64966aa2cc875129_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0aa2592b70a12690be82047a18f5e03f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
FindResourceA
LockResource
LoadResource
GlobalAlloc
GetModuleHandleA
SizeofResource
CreateThread
ResumeThread
SetThreadPriority
Sleep
SuspendThread
ExitProcess
ExitThread
CloseHandle

user32

SetWindowLongA
SetWindowPos
SendMessageA
SetFocus
GetDlgCtrlID
ReleaseCapture
SetDlgItemInt
GetCursorPos
GetCapture
EndDialog
DialogBoxParamA
CallWindowProcA
AnimateWindow
wsprintfA
LoadCursorA
PtInRect
LoadIconA
GetWindowLongA
InvalidateRect
GetWindowRect
UpdateWindow
GetDlgItem
SetCapture
SetCursor
ShowWindow

gdi32

GetStockObject
CreateSolidBrush
SetBkMode
SetBkColor
SetTextColor

comctl32

InitCommonControls

shell32

ShellExecuteA

winmm

waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutRestart
waveOutReset
waveOutPause
waveOutOpen
waveOutGetPosition
waveOutClose

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0aa2592b70a12690be82047a18f5e03f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

shell32

winmm

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 30KB

.rsrc Size: 456KB - Virtual size: 455KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 30KB

.rsrc
Size: 456KB - Virtual size: 455KB