530580709ed40786ca67a75898370a1a_JaffaCakes118

General

Target

530580709ed40786ca67a75898370a1a_JaffaCakes118
Size

128KB
MD5

530580709ed40786ca67a75898370a1a
SHA1

95f67aa226265e7c89354cb876159701f280de48
SHA256

952336ab08d3a1a6460523170b0e05785528c49f1f87930cf7f87476dad17169
SHA512

0946b8d0b16c7dd99c67261fae110d2412ca024db2e330ad14f8899f1add98e78f4bdc1275bea922a954585a0dbd20b0c6d500ef1ab5353006241c2e6f85ea78
SSDEEP

3072:gJY16KyBDvLG313X6jKwXHVgoP6jWVveguCnj4jzfOguq:gJlKeTYn5wXVgK6jYveRCj4jzHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
530580709ed40786ca67a75898370a1a_JaffaCakes118

Files

530580709ed40786ca67a75898370a1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2220a85337460baad0215508104a518

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

CreateMutexW
SizeofResource
ReleaseMutex
CreateProcessW
GetModuleFileNameW
FreeEnvironmentStringsA
GlobalAlloc
GetProcAddress
MultiByteToWideChar
LoadLibraryW
EnumResourceLanguagesA
WaitForSingleObject
SetCurrentDirectoryW
lstrlenW
CloseHandle
GetModuleHandleW
FreeLibrary
ExitProcess
LockResource
GetLastError
InterlockedExchange
FindResourceW
LoadResource
CompareStringA

user32

IsIconic
DestroyWindow
SetMenuItemBitmaps
SetActiveWindow
GetClientRect
GetDesktopWindow
GetKeyState
LoadBitmapW
CreateDialogIndirectParamW
IsWindowVisible
CreateWindowExW
SetTimer
UpdateWindow
PostMessageW
EndDialog
SetWindowPos
GetDlgItem
PeekMessageW
MessageBeep
InvalidateRgn
GetWindowLongW
IsWindowEnabled
GetParent
DrawIcon
GetSystemMetrics
EnableMenuItem
SetWindowContextHelpId
GetFocus
IsWindow
GetNextDlgTabItem
GetMenuState
ModifyMenuW
PostQuitMessage
SetMenu
CheckMenuItem
EnableWindow
GetMenuCheckMarkDimensions
GetActiveWindow
GetCursorPos
MapDialogRect
DispatchMessageW
GetSysColorBrush
ValidateRect
GetNextDlgGroupItem
GetWindow
TranslateMessage

comctl32

InitCommonControlsEx

oledlg

OleUIBusyW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2220a85337460baad0215508104a518

Headers

File Characteristics

Imports

oleacc

kernel32

user32

comctl32

oledlg

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 1024B - Virtual size: 204KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 1024B - Virtual size: 204KB