f43dadf8546c7a022e3659740baa93d3_JaffaCakes118

General

Target

f43dadf8546c7a022e3659740baa93d3_JaffaCakes118
Size

742KB
MD5

f43dadf8546c7a022e3659740baa93d3
SHA1

4faaf15dc568c4caed8f4fbf8d66da837cfcad9d
SHA256

7b928f1351863a8d287c4f06cd7e7e8cc66d8948c5e7eeb47fba433fd8aadc2b
SHA512

48e5ac7d48b51c840fd8c93c7b863b52ade4ea077dd2a8b006fc7da0f36358880cedda09bc5eff8cdad88b6b1ffaffb7d4f315db460532eaf61a9597254b0593
SSDEEP

6144:ZNYxT4Fey38co286C4MY8L2RRmF2176cTH1enq1aq0+b7K:ZNYy3I74v8uqcerrv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f43dadf8546c7a022e3659740baa93d3_JaffaCakes118

Files

f43dadf8546c7a022e3659740baa93d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b24aa7db499c7b6cb9272236d5e295f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableA
Shell_NotifyIconA

comdlg32

ReplaceTextW
GetFileTitleW

gdi32

CreateMetaFileA
CreatePatternBrush
GetTextAlign
GetOutlineTextMetricsW
Escape
CreateRoundRectRgn
GetPixelFormat
PlayEnhMetaFileRecord
FrameRgn
EnumFontsA

oleaut32

QueryPathOfRegTypeLi
SysStringLen

kernel32

GetProfileStringA
QueryDosDeviceA
GlobalFlags
VirtualUnlock
GetSystemDirectoryW
GetTickCount
GlobalAddAtomW
SetEnvironmentVariableW
ExitProcess
LocalAlloc
TlsGetValue
LocalReAlloc
PurgeComm
GlobalFindAtomA
SetVolumeLabelA
GetThreadPriority

user32

UnionRect
ChildWindowFromPoint
DragDetect
FlashWindowEx
ChildWindowFromPointEx
EnumWindowStationsA
mouse_event
RegisterClipboardFormatW
DispatchMessageW
GetGuiResources
SetWindowTextW
WaitMessage
TabbedTextOutA
LoadMenuW
SetUserObjectSecurity
CharUpperA
LoadMenuA
CharPrevW
GrayStringA
WinHelpW
GetProcessDefaultLayout
MapVirtualKeyA
MonitorFromPoint
LoadKeyboardLayoutW

ws2_32

WSAGetServiceClassNameByClassIdW
htonl
ntohl
WSAAsyncGetServByPort
WSAAddressToStringW

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b24aa7db499c7b6cb9272236d5e295f

Headers

File Characteristics

Imports

shell32

comdlg32

gdi32

oleaut32

kernel32

user32

ws2_32

Sections

.text Size: 330KB - Virtual size: 329KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 376KB - Virtual size: 375KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 330KB - Virtual size: 329KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 376KB - Virtual size: 375KB

.rsrc
Size: 32KB - Virtual size: 31KB