28966e8f256b02270d4a52549dff324f_JaffaCakes118

General

Target

28966e8f256b02270d4a52549dff324f_JaffaCakes118
Size

411KB
MD5

28966e8f256b02270d4a52549dff324f
SHA1

f1a3f4e08c5dac419913e7e17a75592ee0164c01
SHA256

f4768a843b2a3d4b1279b14ac53ec10ebb1c98e56dee99955596fdf2dbad4be7
SHA512

52c58500a3dbff0442652df03e3815ba0b2ee3b7c0d7ecf716b60aa91b2734863e2eeb1572f8937f82c6f9bae1b470a9f0a25647f4abe44e0346afed4ba80644
SSDEEP

12288:0ZdLurxHD4dsP5yGv5eax53dsLSsTRCb:rqaPMO3x5NXsTRC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28966e8f256b02270d4a52549dff324f_JaffaCakes118

Files

28966e8f256b02270d4a52549dff324f_JaffaCakes118
.exe windows:32685 windows x86 arch:x86

5799ab199403e17fd1a28a2c4d0b7940

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
VirtualAlloc
GetModuleHandleW
GetVersionExA
CloseHandle
GetACP
lstrcpyW
GetStartupInfoW
LeaveCriticalSection
CreateFileW
VirtualFree
InterlockedDecrement
SetFilePointer
WriteFile
GetACP
InterlockedIncrement
SetEvent
GetModuleFileNameA
GetModuleFileNameA
WriteFile
EnterCriticalSection
GetVersionExA
GetCommandLineA
Sleep
Sleep
GetModuleFileNameA
GetModuleHandleW
LocalFree
GetProcessHeap
GetCurrentProcess
VirtualAlloc

user32

GetSysColor
SetRect
EnableMenuItem
GetDlgItemTextW
LoadAcceleratorsW
FindWindowW
DefWindowProcW
MapWindowPoints
LoadAcceleratorsW
ReleaseCapture
IsDlgButtonChecked
wsprintfW
RegisterClassExW
SetCursor
MessageBeep
GetClientRect
SetCapture
ReleaseDC
IsDlgButtonChecked
LoadStringW
GetFocus
GetSysColor
FindWindowW
wsprintfA
DestroyWindow
SendMessageW
ScreenToClient
DestroyIcon
PostMessageW
MessageBeep
GetMenu
IsWindow
SetDlgItemTextW
SetWindowPos
LoadStringW
DestroyWindow
SystemParametersInfoW
GetDlgCtrlID
SetDlgItemTextW

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 388KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5799ab199403e17fd1a28a2c4d0b7940

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 9KB - Virtual size: 12KB

.data Size: 388KB - Virtual size: 964KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 9KB - Virtual size: 12KB

.data
Size: 388KB - Virtual size: 964KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB