0dab902abb3d16cf7e04aa3a95fd56ef_JaffaCakes118

General

Target

0dab902abb3d16cf7e04aa3a95fd56ef_JaffaCakes118
Size

188KB
MD5

0dab902abb3d16cf7e04aa3a95fd56ef
SHA1

377ba885913fdaefb7a53c87575cfb0febc0b15c
SHA256

e144e4da424ce1b53f8ab629847aa1d05b62bc94ce4164a81c2695c93dc72c14
SHA512

68acc2b7557325d4d63d8bd45b1f24c58db685143fbf2929ea36e27106ad6b97f89e6b3121d1287f65a85bc72625c166461609a9b9e43a21d5f30a32dce09011
SSDEEP

3072:ZUeKkns96DX4WvvXbEBg+ld6+Y11UkY9yg9Po6VpEgSK2IV9OS2v:ZjH8tW3QBWj6BIao6V+gSpk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dab902abb3d16cf7e04aa3a95fd56ef_JaffaCakes118

Files

0dab902abb3d16cf7e04aa3a95fd56ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50eef53d58d2583402e3fa4830217dad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawMenuBar
CharNextW
IsWindowEnabled
CheckMenuItem
FindWindowA
GetParent
DrawTextA
ShowWindow
IsWindowUnicode
GetClassNameA
LoadIconA
BeginPaint
RemoveMenu
GetFocus
InsertMenuItemA
GetSysColorBrush
LoadCursorA
GetClientRect
DrawEdge
SetFocus
CreateWindowExA
IsWindowVisible
EnableMenuItem
GetWindowDC
IntersectRect
SetWindowLongA
RegisterWindowMessageA
GetMenu
DrawFrameControl
UnhookWindowsHookEx
CreatePopupMenu
IsDialogMessageA
GetActiveWindow
CallNextHookEx
PostMessageA
SetMenu
SetClassLongA
WaitMessage
RegisterClipboardFormatA
SetWindowTextA
CharToOemA
SystemParametersInfoA
GetCursor
DestroyIcon
GetKeyboardType
PtInRect

kernel32

MoveFileA
GetModuleHandleA
GetOEMCP
CompareStringA
InitializeCriticalSection
LocalAlloc
ExitProcess
VirtualAlloc
SetThreadLocale
lstrlenA
GetLastError
VirtualAllocEx
FindResourceA
GetVersionExA
ExitThread
GetACP
LoadLibraryA
WideCharToMultiByte
GetProcAddress

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50eef53d58d2583402e3fa4830217dad

Headers

File Characteristics

Imports

user32

kernel32

Sections

CODE Size: 33KB - Virtual size: 33KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 5KB - Virtual size: 68KB

.idata Size: 512B - Virtual size: 296B

.rsrc Size: 12KB - Virtual size: 11KB

CODE
Size: 33KB - Virtual size: 33KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 5KB - Virtual size: 68KB

.idata
Size: 512B - Virtual size: 296B

.rsrc
Size: 12KB - Virtual size: 11KB