f9bed28131bd4080b56d34097b046ed1_JaffaCakes118

General

Target

f9bed28131bd4080b56d34097b046ed1_JaffaCakes118
Size

272KB
MD5

f9bed28131bd4080b56d34097b046ed1
SHA1

7775195610178cc7f64b7fd4fa9d9502441a8299
SHA256

c5918452ef668c558c92378cf1a9df40bdb363b85488e4f615fcd8f566e927d4
SHA512

3fe91ed5d5c36437241db1ba7461f50ead9bde18356dd3138daca7c8598099369142e5aa6152a36853dc965c921651da276c8d2057477aa137353b2d32eec0f8
SSDEEP

6144:SwG2iXEmr0OLbb+qbrBXQmmhIoWrh1WaDDga5zvIcbMg/zuZ2DTATftdXBzYGgm3:PFuThbrBTmher3WODga5zT4szuETATfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9bed28131bd4080b56d34097b046ed1_JaffaCakes118

Files

f9bed28131bd4080b56d34097b046ed1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

430a18e4374f8a9aa11139f637fe13fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CancelIo
ConvertThreadToFiber
CreateProcessA
ExitProcess
FileTimeToSystemTime
FindFirstFileW
FoldStringA
GetBinaryType
GetBinaryTypeW
GetOEMCP
GetStartupInfoW
GetTapeStatus
InterlockedExchangeAdd
IsBadStringPtrW
LockFileEx
OpenWaitableTimerA
PostQueuedCompletionStatus
PrepareTape
ReadConsoleInputW
ReadConsoleOutputW
SetComputerNameW
SetFileAttributesW
SetLocaleInfoA
SetThreadAffinityMask
SuspendThread
TlsGetValue
VirtualProtect
WaitForMultipleObjectsEx
WriteConsoleOutputA
lstrcpy

user32

AppendMenuW
CopyAcceleratorTableW
DdeAbandonTransaction
DlgDirSelectExW
EndTask
FillRect
GetAncestor
GetCapture
GetClipboardFormatNameA
GetMessageA
GetUpdateRgn
GetWindowWord
LoadCursorA
MapVirtualKeyW
PaintDesktop
RealChildWindowFromPoint
SendIMEMessageExW
SetClipboardData
SetDlgItemInt
SetDlgItemTextA
SetWindowPlacement
TabbedTextOutW
UnhookWinEvent
VkKeyScanA
keybd_event

gdi32

CreateFontIndirectA
CreateFontW
CreatePalette
CreatePatternBrush
EnumFontFamiliesExW
EqualRgn
FlattenPath
FloodFill
GdiPlayDCScript
GetBkColor
GetBrushOrgEx
GetDCOrgEx
GetDeviceCaps
GetEnhMetaFileA
GetTextFaceA
LPtoDP
PlayEnhMetaFileRecord
Polygon
PtInRegion
RemoveFontResourceA
ScaleViewportExtEx
SelectClipPath
SelectClipRgn
SetAbortProc
SetICMProfileA
SetLayout
SetROP2
UpdateColors
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

430a18e4374f8a9aa11139f637fe13fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 268KB - Virtual size: 280KB

.idata Size: - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 512KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 268KB - Virtual size: 280KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 512KB