16b759db30d57712232816396dd1d7f6_JaffaCakes118

General

Target

16b759db30d57712232816396dd1d7f6_JaffaCakes118
Size

115KB
MD5

16b759db30d57712232816396dd1d7f6
SHA1

ec22dc490c4fba30bcfc79c1670bb295f1f1e4fe
SHA256

7aeefddf4940442d89670e27bc34ced868ac3ed596efb7168e4598643281cc67
SHA512

821952e6f315eee6123d8713bd8ad7d9013fbbb993403ccbd8c2500892e472281122353bd55b0cb5fc824df0b4e4435cf273e387ae77f95160a329faa02ae7b4
SSDEEP

1536:4g2vDiVNRv1P3FlYyyLYvuveGcRWRR+IxYdr/ESgG:eveVNb3mNTxYZ/GG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b759db30d57712232816396dd1d7f6_JaffaCakes118

Files

16b759db30d57712232816396dd1d7f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

327cc7fa367c7a8b8e1870efcaccb255

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
SendMessageA
RegisterClassExA
PostQuitMessage
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InflateRect
GetMessageA
GetDlgItemTextA
CheckDlgButton
CreateDialogParamA
DefWindowProcA
DestroyWindow
DispatchMessageA
DrawFocusRect
DrawTextA
EnableWindow
GetDlgItem

kernel32

CreateThread
LocalFree
LockResource
Sleep
_lclose
_llseek
_lopen
_lread
VirtualAlloc
lstrcpyA
CloseHandle
CreateFileA
ExitProcess
FindResourceA
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
LoadResource
ReadFile
SetCurrentDirectoryA
SetFilePointer
SetUnhandledExceptionFilter
SizeofResource
LocalAlloc
VirtualFree
WriteFile
lstrcatA

shell32

ShellExecuteA

comctl32

InitCommonControls

advapi32

RegQueryValueExA
RegOpenKeyA

gdi32

CreateSolidBrush
GetStockObject
RoundRect
SelectObject
SetTextColor
SetBkMode
SetBkColor

winmm

waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

327cc7fa367c7a8b8e1870efcaccb255

Headers

File Characteristics

Imports

user32

kernel32

shell32

comctl32

advapi32

gdi32

winmm

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 1.0MB

.rsrc Size: 94KB - Virtual size: 93KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 1.0MB

.rsrc
Size: 94KB - Virtual size: 93KB