f9a654592960d298ce2f4d02dcd65ada_JaffaCakes118

General

Target

f9a654592960d298ce2f4d02dcd65ada_JaffaCakes118
Size

41KB
MD5

f9a654592960d298ce2f4d02dcd65ada
SHA1

0ce2a6576388282f4644fc03aa8ec7c95581b089
SHA256

32243ccdf998b407ea9e71ce533317aa8d60bc7702f47435a3464339e990c891
SHA512

d825946be040b202e2fd1a26df5a9ccc19c795c9d93f546ff7951069bb4f21dc503788c9334fbec0f22fb257bf9d2d939c27a66178e2544dc65c803ca52be594
SSDEEP

768:Ix4IlZ1lzWSH+c8sQHRw1EjcdR9Ghij6wrXppOJuX1CeK4CytBLqgDvG8:dIfz4s27hij9DOJuCeK7yX+gDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a654592960d298ce2f4d02dcd65ada_JaffaCakes118

Files

f9a654592960d298ce2f4d02dcd65ada_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4292acd19b90051770464054c45ed9d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
BackupRead
CreateFiber
DeleteFileW
ExitProcess
GetAtomNameA
GetCPInfoExA
GetCommMask
GetCommTimeouts
GetLogicalDriveStringsA
GetMailslotInfo
GetNamedPipeInfo
GlobalWire
IsBadStringPtrW
IsDBCSLeadByteEx
IsProcessorFeaturePresent
IsValidLocale
LoadModule
LockResource
PeekNamedPipe
QueueUserAPC
ReadConsoleA
ReadConsoleOutputA
ReadConsoleOutputCharacterA
SetConsoleCursorInfo
SetProcessShutdownParameters
VirtualProtect
WaitNamedPipeW

user32

BroadcastSystemMessageA
CallWindowProcW
CharLowerW
DdeClientTransaction
DdeCreateDataHandle
DdeQueryNextServer
DefWindowProcW
GetWindowTextW
IsCharLowerW
IsZoomed
LoadImageW
MsgWaitForMultipleObjects
OemToCharA
SendIMEMessageExW
SetMenuItemInfoA
SetWindowsHookExW
SetWindowsHookW
SubtractRect
UnhookWindowsHookEx
WINNLSGetEnableStatus
keybd_event

gdi32

Chord
CreateCompatibleDC
CreateFontW
CreatePalette
EnumEnhMetaFile
FixBrushOrgEx
GetBrushOrgEx
GetCharABCWidthsA
GetCharWidthA
GetPolyFillMode
GetStockObject
MoveToEx
PolyBezier
PolyTextOutW
SelectPalette
SetAbortProc
SetDIBits
SetICMProfileW
SetTextJustification
SetWindowExtEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4292acd19b90051770464054c45ed9d9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 40KB - Virtual size: 56KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 56KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 4KB