f5aa1a1eb47604938dfe88e1cfd51be9_JaffaCakes118

General

Target

f5aa1a1eb47604938dfe88e1cfd51be9_JaffaCakes118
Size

10KB
MD5

f5aa1a1eb47604938dfe88e1cfd51be9
SHA1

2d5f33cef836b7b6fde7ddfdceab69f176200d20
SHA256

0f00efcdf6ff63bbfd55380738f7eecfb3429beea08ffe3c45f897447ee96e0c
SHA512

1a4c71f0b934972cba98f339a86ea1eef1e8171b15145a107b4b1471816139245a7efe3ed8d906f9a18c363822cdba276be6067b438903a72a3eae0875fded45
SSDEEP

192:IEviy4/hymBAyTgxjR4A7OYRM4y8eYFxk4JGjWfosK9W8Lg55tDQEE:IEvaymAOA7OiMX8ePuGSfosK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5aa1a1eb47604938dfe88e1cfd51be9_JaffaCakes118

Files

f5aa1a1eb47604938dfe88e1cfd51be9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a5f05708e808bcc56a5ab8b40cef35a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupWrite
CreateEventA
CreateFileMappingW
CreateMailslotW
CreateThread
DebugBreak
EnterCriticalSection
ExitProcess
GetProfileSectionA
GetTapeStatus
GetThreadTimes
GlobalDeleteAtom
GlobalGetAtomNameW
InterlockedCompareExchange
IsBadHugeWritePtr
IsDBCSLeadByteEx
IsDebuggerPresent
PulseEvent
QueryDosDeviceW
ReadConsoleOutputCharacterW
SetFileAttributesA
UnlockFile
WaitNamedPipeA
WriteConsoleOutputAttribute
WriteFileEx
lstrcpyA
lstrlenW

user32

CreateMDIWindowW
DdeDisconnectList
DdePostAdvise
DdeQueryNextServer
DefDlgProcW
DestroyIcon
DrawTextA
EnumPropsExW
GetKeyNameTextW
GetMenuItemRect
GetSysColorBrush
GetSystemMenu
GetUpdateRect
GetWindowContextHelpId
GetWindowTextLengthA
InvalidateRect
InvertRect
MsgWaitForMultipleObjectsEx
OpenInputDesktop
PostMessageA
RegisterClassW
SetDebugErrorLevel
SetInternalWindowPos
SetMessageQueue
SetProcessDefaultLayout
ShowScrollBar
VkKeyScanExW
wsprintfW

gdi32

AnimatePalette
CopyMetaFileA
CreateDiscardableBitmap
CreateICA
EndPage
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
GetClipBox
GetColorSpace
GetCurrentPositionEx
GetEnhMetaFileA
GetEnhMetaFileDescriptionA
GetGraphicsMode
GetLayout
GetNearestColor
GetObjectA
GetPolyFillMode
PlayMetaFile
PlayMetaFileRecord
PlgBlt
ResizePalette
SelectObject
SetBrushOrgEx
SetICMProfileW
SetMagicColors

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a5f05708e808bcc56a5ab8b40cef35a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 8KB - Virtual size: 12KB

.xdata Size: - Virtual size: 20KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 12KB

.xdata
Size: - Virtual size: 20KB

.rsrc
Size: - Virtual size: 8KB