fe13b8d5262eb21d9b5685b62c749bbd_JaffaCakes118

General

Target

fe13b8d5262eb21d9b5685b62c749bbd_JaffaCakes118
Size

135KB
MD5

fe13b8d5262eb21d9b5685b62c749bbd
SHA1

2099a9cb8b0d603eca28bc98a3cdb08c7b2c5e8a
SHA256

715d5f8ddf9d01a7a58ad94285c5f19f7eb9e600b35a4da41d0f4432635b00fc
SHA512

f262de67572937e30b6b5d85bdfde1464ac67d01a8b3b8dc500237ab345207e64aa95eb0acd04cc2608f414cbf5afa76f8b24886298cd10bb2b21102dfa1c9f8
SSDEEP

3072:uN8/ob2jM/gvngskK1dVF/5VFFl4xP+rnxnE1ftFZ9T3c:uN32jpvnLjFnEExnEpL3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe13b8d5262eb21d9b5685b62c749bbd_JaffaCakes118

Files

fe13b8d5262eb21d9b5685b62c749bbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d70409b2965e95995fbc1ebb493e97a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
IsBadHugeReadPtr
WriteFile
GetLocaleInfoA
GetStartupInfoA
SetErrorMode
SetHandleCount
IsBadReadPtr
GetVersionExA
GetCommandLineW
GlobalFindAtomA
VirtualQuery
ExitProcess
GetCPInfo
VirtualAllocEx
CompareStringA
LocalAlloc
GlobalDeleteAtom
lstrcatA
GetLastError
HeapAlloc
VirtualAlloc
GetEnvironmentStrings
GetUserDefaultLCID

shlwapi

SHQueryValueExA
SHSetValueA
PathIsContentTypeA

gdi32

SaveDC
CreateDIBSection
CreateBitmap
GetTextAlign
CreateDIBitmap
GetBkMode

user32

SetForegroundWindow
DrawMenuBar
GetTopWindow
GetCursor
GetMenuItemCount
SetMenu
SetMenuItemInfoA
LoadBitmapA
GetMenu
SetFocus
GetCapture
GetFocus

oleaut32

SafeArrayUnaccessData
VariantChangeType
SafeArrayCreate
SysStringLen
SysReAllocStringLen
SysFreeString
SafeArrayGetElement
SafeArrayPtrOfIndex
GetErrorInfo
SysAllocStringLen

Exports

Exports

_f0UyBt40OEW@20
_hvm5oxuxyYs2V@8
dBFmGzou@4
e2RfVfikTiL2h@24

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d70409b2965e95995fbc1ebb493e97a5

Headers

File Characteristics

Imports

kernel32

shlwapi

gdi32

user32

oleaut32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 108KB

.data Size: 119KB - Virtual size: 120KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 108KB

.data
Size: 119KB - Virtual size: 120KB

.rsrc
Size: 1024B - Virtual size: 4KB