109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118

General

Target

109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118
Size

119KB
MD5

109da14f7ea14aca656fc404bd7e0d5c
SHA1

05135c035e406fd59d21eee22f0781eddb34dac4
SHA256

f31e9010f4c0ef6f58ab6a89931d03628d9fe1c896c7446b3db7a51fe085cfa1
SHA512

f77aa7a8e62a694ea063cd0a6c1b30670397d80e2e98c81df4cd165537301db7670efe1cc2f17db75304a37c8ba616680e967fcde90e0d075307746ba908967a
SSDEEP

3072:6zdYe6SkN2NsZQXw6QiLs3m1EplhRgKJFL:CySkNCsZvZm6plDL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118

Files

109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e494f6b28128be76714f0e9a081e66b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strlen
_strnicmp
strncmp
strncpy
strcpy
strcat
memcpy

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
HeapAlloc
GetModuleFileNameA
Sleep
HeapDestroy
HeapFree
SetCurrentDirectoryA
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
HeapReAlloc
DeleteFileA
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
WriteFile

user32

wsprintfA
wvsprintfA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
GetForegroundWindow
GetWindowLongA
CallWindowProcA
DefWindowProcA
SetWindowLongA
SetWindowTextA
DestroyWindow
GetSysColor
LoadCursorA
LoadIconA
RegisterClassA
GetClassNameA
PostMessageA
GetParent
SendMessageA
GetWindow
ShowWindow
SetWindowPos
SetFocus
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
GetFocus
GetActiveWindow
IsChild
EnumChildWindows
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
GetKeyState
SetCapture
GetCursorPos
MapWindowPoints
ReleaseCapture
MoveWindow
CreateAcceleratorTableA

shell32

ShellExecuteExA

urlmon

URLDownloadToFileA

gdi32

GetStockObject
CreateBrushIndirect

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

InitCommonControls

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e494f6b28128be76714f0e9a081e66b

Headers

File Characteristics

Imports

crtdll

kernel32

user32

shell32

urlmon

gdi32

comdlg32

comctl32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 103KB - Virtual size: 114KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 103KB - Virtual size: 114KB