f9a8ce9e0286053cd9335b80a1a10475_JaffaCakes118

General

Target

f9a8ce9e0286053cd9335b80a1a10475_JaffaCakes118
Size

273KB
MD5

f9a8ce9e0286053cd9335b80a1a10475
SHA1

6b40285072e5fb7087fd6aa501a55e90dda19586
SHA256

bd496e35d3d147285f1bf404523b8b5d84de5f6a85de973bfa143611f1f4a167
SHA512

aecf480580ad9f1da275425c4eb5ea357e669bf98f629da0498db5272e1baec0876278e2c3a3eadd219a0df8cc9d08a8980d2052513a0deb8a7c5b4ffd2ff657
SSDEEP

6144:7v0fDj1qeol0jJTvYVzprU5SSSO+erd2DSCQiPMaDMRgpNHvH1:7v0fDj1foej2pBSmeMSMBNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a8ce9e0286053cd9335b80a1a10475_JaffaCakes118

Files

f9a8ce9e0286053cd9335b80a1a10475_JaffaCakes118
.exe windows:4 windows x86 arch:x86

268e690c74c2728f9e5202b86a1ab089

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CallNamedPipeA
CreateMutexA
CreateRemoteThread
CreateWaitableTimerW
DefineDosDeviceW
DeleteAtom
DeviceIoControl
ExitProcess
FindResourceA
GetCalendarInfoA
GetCommandLineW
GetLastError
GetModuleFileNameA
GetNamedPipeHandleStateW
GetStringTypeW
GetVersionExA
GlobalFindAtomA
IsBadHugeReadPtr
OpenEventW
OpenSemaphoreA
QueryDosDeviceW
ScrollConsoleScreenBufferA
SetConsoleScreenBufferSize
SetProcessAffinityMask
SetStdHandle
UnmapViewOfFile
VirtualFree
WriteFile
WritePrivateProfileStructW
lstrcatA

user32

CallMsgFilter
CharLowerBuffA
CharPrevA
CharToOemA
CharUpperW
CreateAcceleratorTableA
DefFrameProcW
DefMDIChildProcW
DialogBoxIndirectParamA
DispatchMessageW
DlgDirSelectComboBoxExW
EnumPropsA
GetCursorInfo
GetInternalWindowPos
IMPGetIMEA
IntersectRect
IsCharAlphaNumericW
IsCharAlphaW
LoadImageW
MenuItemFromPoint
MessageBoxExA
MonitorFromRect
SendNotifyMessageA
SendNotifyMessageW
SetTimer
SetWinEventHook
VkKeyScanExW
VkKeyScanW

gdi32

CheckColorsInGamut
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateFontIndirectW
CreateICA
Ellipse
GetArcDirection
GetBrushOrgEx
GetCharWidthW
GetRasterizerCaps
GetTextFaceW
LineTo
MoveToEx
SetAbortProc
SetBoundsRect
SetEnhMetaFileBits
SetTextJustification
SetWindowOrgEx
TextOutA
gdiPlaySpoolStream

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

268e690c74c2728f9e5202b86a1ab089

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 269KB - Virtual size: 288KB

.rdata Size: - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 480KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 269KB - Virtual size: 288KB

.rdata
Size: - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 480KB