0fb44b1698098c374823634fdd72fc89_JaffaCakes118

General

Target

0fb44b1698098c374823634fdd72fc89_JaffaCakes118
Size

152KB
MD5

0fb44b1698098c374823634fdd72fc89
SHA1

c324473544dd39c422ca5b114e5db641201ec872
SHA256

ab32abff41b8e43e780b7c983ff114e4759266c9ed93b48b40f8ed9bfdc2b67a
SHA512

a2930e6c62f345438ba7ae336a05ccdc10de398026adccf3ca07744db1454998ab1743db28632d8a2b2e4ea17ab6eb5c59fea6851873dd7fc0562010ef301f04
SSDEEP

3072:+PW8RPrU85KiFT1xoyEZyBbFiL30SaVDGSgmrvdmtHX2anACt:URzYGPBb00ScDzgmpc32anft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb44b1698098c374823634fdd72fc89_JaffaCakes118

Files

0fb44b1698098c374823634fdd72fc89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dcdb32fe3d5fbd8e805b4ac56505ecca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
LockResource
GetStringTypeA
HeapDestroy
GetCommandLineA
lstrcatA
GetModuleHandleA
WriteFile
CreateThread
GetVersionExA
ExitProcess
GetDiskFreeSpaceA
EnumCalendarInfoA
GetStartupInfoA
ExitThread
InitializeCriticalSection
FindFirstFileA
GlobalAddAtomA
VirtualAlloc
CloseHandle
LoadLibraryA
ResetEvent
GetProcessHeap
WaitForSingleObject
lstrcpyA
SizeofResource
lstrcmpiA
Sleep
SetHandleCount
SetEndOfFile
GetLocalTime
LocalAlloc
EnterCriticalSection
GetCurrentProcess
GetUserDefaultLCID
LocalReAlloc
FindResourceA
GetCurrentThread
lstrcmpA
GetProcAddress
ReadFile
SetEvent
GetCPInfo
GetACP
GetLastError
GlobalAlloc
GetOEMCP
VirtualQuery
RaiseException
HeapFree
SetThreadLocale
LoadResource
CreateFileA
FreeLibrary
WideCharToMultiByte
GetStringTypeW
lstrlenA

user32

IsMenu
GetMessagePos
CreateWindowExA
FillRect
GetCursorPos
GetPropA
EnumThreadWindows
GetCursor
GetActiveWindow
CreateMenu
GetScrollInfo
GetFocus
GetMenuItemInfoA
IsChild
SystemParametersInfoA
DefMDIChildProcA
GetMenuState
GetClassLongA
IsWindowVisible
GetWindow
CheckMenuItem

Sections

CODE
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dcdb32fe3d5fbd8e805b4ac56505ecca

Headers

File Characteristics

Imports

kernel32

user32

Sections

CODE Size: 10KB - Virtual size: 9KB

.data Size: 2KB - Virtual size: 82KB

DATA Size: 134KB - Virtual size: 133KB

.init Size: 4KB - Virtual size: 4KB

CODE
Size: 10KB - Virtual size: 9KB

.data
Size: 2KB - Virtual size: 82KB

DATA
Size: 134KB - Virtual size: 133KB

.init
Size: 4KB - Virtual size: 4KB