2add6a32a4d4d947788f2bad8d9d7754_JaffaCakes118

General

Target

2add6a32a4d4d947788f2bad8d9d7754_JaffaCakes118
Size

97KB
MD5

2add6a32a4d4d947788f2bad8d9d7754
SHA1

aa5340d34760056acef073479405db24d67face9
SHA256

8eb6959f769f8ef4ec0735019609781f3aa09ab25ff3f3a9d3f2dc98495fcd66
SHA512

2716647ebcbce9ca9f60f160174542b940087bf0fb810672a7ed36c928926c39dc9cb6305c8c0764d53a36b7d58465f7b533571c44a223fcc70166f73da799e8
SSDEEP

1536:3JoljsosSJxEz99fba68K7Zz+oskl5MlaEF1i08//acHGwAAC/Gykj3ehfyMhJLr:5olIxPRbaBKelZr0/avwAjoz8ycJ84/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2add6a32a4d4d947788f2bad8d9d7754_JaffaCakes118

Files

2add6a32a4d4d947788f2bad8d9d7754_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97a7dd8ce6c793338774d3b054af21f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput

DirectInputCreateW
DirectInputCreateEx
DirectInputCreateA

kernel32

TlsGetValue
lstrlenA
lstrcpyA
lstrcatA
CloseHandle
CompareStringA
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceLanguagesW
ExitProcess
ExitThread
FreeResource
GetCommandLineA
GetDateFormatA
GetFileSize
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
OpenFile
ReadFile
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
VirtualAlloc

dsound

DirectSoundCaptureEnumerateA
DirectSoundEnumerateA
DirectSoundEnumerateW
DirectSoundCaptureCreate

shell32

ShellExecuteExA
ShellExecuteExW
ShellExecuteW
ShellExecuteA
SHBindToParent
SHGetMalloc

user32

EndPaint
LoadIconA
SetCursor
CloseWindow
BeginPaint
EndMenu
CreateMenu

olepro32

OleLoadPicture
OleCreateFontIndirect

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97a7dd8ce6c793338774d3b054af21f6

Headers

File Characteristics

Imports

dinput

kernel32

dsound

shell32

user32

olepro32

Sections

.text Size: 50KB - Virtual size: 52KB

.rdata Size: 28KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 50KB - Virtual size: 52KB

.rdata
Size: 28KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB