538a77ef2ac2461a9dfa12fd9b6978de_JaffaCakes118

General

Target

538a77ef2ac2461a9dfa12fd9b6978de_JaffaCakes118
Size

20.0MB
MD5

538a77ef2ac2461a9dfa12fd9b6978de
SHA1

cfe3f06c006c31ec5f34586d11a9f4e3aaaa2e12
SHA256

e487331d64579cb17db34a358bc79244a4f1dd029d3da9197ace0f1d10b9bebd
SHA512

0ce9f0a8ba71e6d343a40ca3970664d8a393aa55f3678908dbd61bd00c118d27b24332046b3740b51bafdeeaa1162270f9c3bb3a1d9ba96f40be7a066faf0bb2
SSDEEP

393216:kUcVYqhNXRfFKkY86did6mibLBtpcBw9DVO7VXq+cCWQFw:zcVLfX3Km68NiH3u4xOB6VQO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
538a77ef2ac2461a9dfa12fd9b6978de_JaffaCakes118

Files

538a77ef2ac2461a9dfa12fd9b6978de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be16025731b31ff474ec7a646e6e69e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetEnvironmentStrings
lstrlenA
WideCharToMultiByte
DeleteCriticalSection
SetHandleCount
TlsAlloc
HeapAlloc
lstrlenW
MultiByteToWideChar
InitializeCriticalSection
GetTickCount
ExitProcess
LCMapStringA
GetCurrentDirectoryW
lstrcatW
GetLocaleInfoW
GetLastError
CopyFileExA
CreateFileA

user32

EqualRect
GetSysColor
SendMessageA
DestroyWindow
CopyRect
CreateWindowExW
IntersectRect
KillTimer
MessageBoxA
LoadIconW
SetRect
GetDlgCtrlID
SetWindowPos
PtInRect
DefWindowProcW
PostMessageA
SystemParametersInfoW
wsprintfA
CallWindowProcW

gdi32

SetTextColor
ExtTextOutA
PatBlt
GetTextExtentPoint32W
SetROP2
LPtoDP
IntersectClipRect
GetBkMode

advapi32

CryptHashData
CryptGenKey
RegDeleteKeyW
RegNotifyChangeKeyValue
GetSecurityDescriptorDacl
RegQueryValueExA
RegSetValueExW
RegCreateKeyExW

msvcrt

puts

shlwapi

StrCmpW
StrChrA

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be16025731b31ff474ec7a646e6e69e3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

shlwapi

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 10KB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 164KB - Virtual size: 162KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 10KB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 164KB - Virtual size: 162KB