31177d5d6fb176fea1dae2726ef4033a_JaffaCakes118

General

Target

31177d5d6fb176fea1dae2726ef4033a_JaffaCakes118
Size

35KB
MD5

31177d5d6fb176fea1dae2726ef4033a
SHA1

ba006f20feb658c681be668d44d39399b1ad828a
SHA256

14dfc74f14074893154e2c574f419a3df849dece33865ad27045574d075e4a25
SHA512

a055f8c547a39677aa14256606eda97e1152f05e1920303ec26d258f7acc32e91be3c26351974a7cf77c67507e2745aaf145c8a17851240e169b1ee040dbdf2d
SSDEEP

768:R3xeMlVDKy9vc65maSh2FU5xJlHRHB//7jNyIkiVBoTYhuKa:NxeMrKy9vcfhEU5Fv/7jYIiTYhuKa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31177d5d6fb176fea1dae2726ef4033a_JaffaCakes118

Files

31177d5d6fb176fea1dae2726ef4033a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

3d2002b1db6c3953e5f2c74e72179849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
GetTickCount
FormatMessageW
WaitForSingleObject
GetCurrentProcessId
GetCommandLineW
GetTickCount
GetCommandLineW
GetCommandLineA
GetModuleHandleA
MultiByteToWideChar
SetEvent
GetModuleHandleW
VirtualFree
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
VirtualFree
GetModuleHandleW
MultiByteToWideChar
GetModuleHandleA
LocalAlloc
FindResourceA
GetModuleHandleW
GetACP
GetACP
GetModuleHandleA
MultiByteToWideChar
GetCurrentThreadId
GetModuleHandleW

user32

LoadAcceleratorsW
PostMessageW
GetMessageW
DialogBoxParamW
GetSysColor
SendDlgItemMessageW
LoadAcceleratorsW
DialogBoxParamW
IsDlgButtonChecked
GetSysColor
SetWindowPos
EnableMenuItem
LoadAcceleratorsW
GetMenu
GetMessageW
KillTimer
LoadImageW
LoadImageW
BeginPaint
DialogBoxParamW
MoveWindow
GetDlgCtrlID
CheckDlgButton
MoveWindow
IsDlgButtonChecked
KillTimer
BeginPaint

ntdll

NtAllocateVirtualMemory

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d2002b1db6c3953e5f2c74e72179849

Headers

File Characteristics

Imports

kernel32

user32

ntdll

Sections

.text Size: 9KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 4KB

.sdata Size: 129KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 152KB

.text
Size: 9KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 4KB

.sdata
Size: 129KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 152KB