43c394d42380f06c09cd22cfb6bc9f38_JaffaCakes118

General

Target

43c394d42380f06c09cd22cfb6bc9f38_JaffaCakes118
Size

5.3MB
MD5

43c394d42380f06c09cd22cfb6bc9f38
SHA1

dd5cfe3d44b19aca944f28b92b2a54a5a6115edc
SHA256

bea19f19412cc160b6a017be84d9f0abf06a5cc8a8259b791618fc04dac3642c
SHA512

3ea2e7d243ef116868b02e712aeb2bb135cfa8f1a4924da5a5ee1f9e467e038055bd16c8f0dc9475ab18403762fdc3204097b7ab288b1b01a5be8cfb21398905
SSDEEP

49152:z54GY1Cyv2nWRyKyJ1gVgG9l5q2zwC3o7CkzoS8djeBXSQJHsqha:zhi9+GyKaq+Ak2zwC3SPoC1mqM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c394d42380f06c09cd22cfb6bc9f38_JaffaCakes118

Files

43c394d42380f06c09cd22cfb6bc9f38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ed66a95f215f1831161ee6cd76df0bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
ResetEvent
VirtualFree
FreeEnvironmentStringsW
InterlockedIncrement
SetHandleCount
LeaveCriticalSection
GetCPInfo
IsDebuggerPresent
GetProcessHeap
GetACP
MultiByteToWideChar
CreateFileA
UnmapViewOfFile
SetEvent
GetCurrentProcessId
DeleteFileW
TlsAlloc
LocalAlloc
GlobalAlloc
ReleaseMutex
FindClose
GetCurrentDirectoryW
lstrcatW
GetLocaleInfoW
GetLastError
CopyFileExA
FormatMessageW
lstrlenA

user32

TranslateMessage
DestroyWindow
KillTimer
PtInRect
MessageBoxW
ReleaseDC
CopyRect
DrawFocusRect
PeekMessageW
IntersectRect
GetWindow
InvalidateRect
DialogBoxParamW

gdi32

GetTextExtentPointW
IntersectClipRect
SetBkMode
CreateRectRgnIndirect
Rectangle
GetDeviceCaps
PlayMetaFile
TextOutW
ExtTextOutW

advapi32

CheckTokenMembership
RegOpenKeyA
RegQueryInfoKeyA
ControlService
LookupPrivilegeValueW

msvcrt

puts

shlwapi

StrChrA
StrCmpW

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ed66a95f215f1831161ee6cd76df0bf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

shlwapi

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 20KB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 88KB - Virtual size: 86KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 20KB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 88KB - Virtual size: 86KB