5382947322174a27f923ceb0feeeea19_JaffaCakes118

General

Target

5382947322174a27f923ceb0feeeea19_JaffaCakes118
Size

214KB
MD5

5382947322174a27f923ceb0feeeea19
SHA1

476e6a984b8b6624292e00dd25be7e97582b3ed5
SHA256

6248cdbdadc4d1cf6d775f182c4592c928809ec21505a4a16d40d29241ef017a
SHA512

8ee4991b81a8b9a51cab63de924da01ebf30da0ffca6f63f7c0922a887c9b09cb912cfd8c1dbd835e9d08236fb6c56600b1361f9c2979de1ae3ba3e2b5ec1f98
SSDEEP

3072:a52g8PbmlkbhCZJozVHw6oqPTcor8qk80NQcQ3Gc1vNy1vkh37rgb3D5Tn0Ks6I5:1jjC8O6o6cYkxNQ9B17h37SFjAuwI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5382947322174a27f923ceb0feeeea19_JaffaCakes118

Files

5382947322174a27f923ceb0feeeea19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

139d8c2e43c3343bbb17966d2d96ec1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetProcessHeap
SetEndOfFile
GetCurrentThreadId
GetCurrentProcess
ResetEvent
GetCurrentProcessId
GlobalAlloc
VirtualQuery
GetDiskFreeSpaceA
WideCharToMultiByte
GetThreadLocale
SetHandleCount
DeleteCriticalSection
GetModuleFileNameA
HeapFree
EnumCalendarInfoA
MoveFileExA
GetLastError
GetVersionExA
lstrlenA
FindClose
WriteFile
GetCPInfo
LocalAlloc
VirtualAlloc
GetDateFormatA
LoadLibraryExA
Sleep
LockResource
EnterCriticalSection
GetOEMCP
GetFullPathNameA
lstrcatA
SetEvent
GetCurrentThread
LoadResource
MulDiv
ExitProcess
lstrcpynA

user32

DrawEdge
GetForegroundWindow
RegisterClassA
GetActiveWindow
CreateIcon
GetKeyNameTextA
DefMDIChildProcA
CreateMenu
FillRect
CheckMenuItem
SetTimer
IsWindowEnabled
IsChild
GetMessagePos
CharLowerA
GetCursorPos
GetDesktopWindow
GetDCEx
ShowWindow
IsWindowVisible
GetCursor
GetMenuItemInfoA
GetPropA
GetFocus
SetWindowTextA

msvcrt

_XcptFilter
__wgetmainargs
_snprintf
tolower
mbstowcs
atol
memcpy
_itow
__p__commode
wcschr

advapi32

RegQueryValueA

shlwapi

StrNCatA
StrRChrA
IsCharSpaceA
StrToIntExA
StrFormatByteSizeA
PathIsContentTypeA
PathIsDirectoryA
SHSetValueA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 199KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

139d8c2e43c3343bbb17966d2d96ec1b

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

shlwapi

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 199KB - Virtual size: 231KB

.init Size: 3KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 199KB - Virtual size: 231KB

.init
Size: 3KB - Virtual size: 3KB