100fda555c5889d11dbb3729cac2281f_JaffaCakes118

General

Target

100fda555c5889d11dbb3729cac2281f_JaffaCakes118
Size

1007KB
MD5

100fda555c5889d11dbb3729cac2281f
SHA1

2487491bb782a1acb07d87da85ca97d1ca3186be
SHA256

c2c6351d88d8074e0b120704f73212bd3d33fbd08831d76dbb74a81425363713
SHA512

cde7b9464ee599f3992b4678dd6cb9bb1901c558c064a174d59120a828d20d49e5698b4d561a29271682a36fc334c8b3d16a67d46f7ebe71f4f741b9af06bdee
SSDEEP

24576:HVvu+6JMBPTgNjv/RonmwVPiSNYOK8VS1lpCeBG:57X1TgND5onlVbYOKqWl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
100fda555c5889d11dbb3729cac2281f_JaffaCakes118

Files

100fda555c5889d11dbb3729cac2281f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd99565b3f3d1a798828430003a8652a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
IsMenu
CopyRect
DrawTextW
GetWindowTextLengthA
GetDC
DrawTextA
EndDialog
DialogBoxParamW

kernel32

CreateThread
GetCPInfo
ReadConsoleA
GetComputerNameA
WriteFile
GetConsoleMode
DeleteAtom
GetCommandLineA
DeleteFileW
GetFileSize
OpenFile
GlobalFree
ExitThread
Sleep
GetFileTime
FindFirstFileA
OpenFileMappingA
GetLastError
CreateProcessA
FindAtomA
ReadFile
GetStdHandle

comctl32

CreateMappedBitmap
DllGetVersion
ImageList_Copy
DrawStatusText
CreateToolbarEx
ImageList_DrawEx
ImageList_Create
ImageList_Destroy
CreateStatusWindowW

advapi32

RegQueryValueExW
RegCreateKeyExA
RegEnumValueA
RegEnumKeyExW
RegCreateKeyW
RegQueryValueA
RegOpenKeyExW
RegDeleteValueW
RegDeleteValueA

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 936KB - Virtual size: 17.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd99565b3f3d1a798828430003a8652a

Headers

File Characteristics

Imports

user32

kernel32

comctl32

advapi32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 936KB - Virtual size: 17.5MB

.tls Size: 512B - Virtual size: 237B

.rdata Size: 2KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 38KB - Virtual size: 57KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 936KB - Virtual size: 17.5MB

.tls
Size: 512B - Virtual size: 237B

.rdata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 38KB - Virtual size: 57KB