538ab0cef8c62790de06c22884571685_JaffaCakes118

General

Target

538ab0cef8c62790de06c22884571685_JaffaCakes118
Size

307KB
MD5

538ab0cef8c62790de06c22884571685
SHA1

7a538763402d9a37b8ae9c72698f459c9bd1c154
SHA256

019f2530c4b75c2f5d9c053273f9d5705f584c9fe34b83ba31cd3154b4232139
SHA512

1d9700fd88a1d4becf0630969149df2f8486921880df521c2da983a6febf157faf225806f4e4a56c67e9cf426cd2b3c23f9f445b470c7798bb3932e9dc050cfd
SSDEEP

6144:elv8Cmu64pJxhvddCH0wGq7CvuzzIOs2JWqZpi8c8mGGVSWoP7sRuM:elkCf64DxhV7wGbkW4Rwrozs8M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
538ab0cef8c62790de06c22884571685_JaffaCakes118

Files

538ab0cef8c62790de06c22884571685_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f511bb7e82bf84fcabdd77815af18ad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetLastError
LoadLibraryExA
ExitProcess
ExitThread
IsBadHugeReadPtr
VirtualAlloc
GetProcAddress
GetCommandLineW
GetModuleHandleW
GetModuleHandleA

ole32

CoCreateGuid
ReleaseStgMedium
StringFromIID

user32

PtInRect
ReleaseDC
RedrawWindow
RemovePropA
RegisterClassA
SendMessageA
RegisterWindowMessageA
PeekMessageA
LoadKeyboardLayoutA
SendMessageW
MapVirtualKeyA
ReleaseCapture
ScrollWindow
RegisterClipboardFormatA
LoadBitmapA
OpenClipboard
MessageBoxA
MapWindowPoints
ScreenToClient
RemoveMenu
PeekMessageW
LoadCursorA
PostQuitMessage
LoadIconA
MessageBeep
OffsetRect
SetActiveWindow
PostMessageA
OemToCharA
LoadStringA

Sections

CODE
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f511bb7e82bf84fcabdd77815af18ad6

Headers

File Characteristics

Imports

kernel32

ole32

user32

Sections

CODE Size: 53KB - Virtual size: 52KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 238KB - Virtual size: 238KB

.bdata Size: 1KB - Virtual size: 1KB

DATA Size: 8KB - Virtual size: 8KB

.cdata Size: 1024B - Virtual size: 690B

.rsrc Size: 1024B - Virtual size: 836B

CODE
Size: 53KB - Virtual size: 52KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 238KB - Virtual size: 238KB

.bdata
Size: 1KB - Virtual size: 1KB

DATA
Size: 8KB - Virtual size: 8KB

.cdata
Size: 1024B - Virtual size: 690B

.rsrc
Size: 1024B - Virtual size: 836B