4a6feb8f4d784ea06707f0829ac48985_JaffaCakes118

General

Target

4a6feb8f4d784ea06707f0829ac48985_JaffaCakes118
Size

386KB
MD5

4a6feb8f4d784ea06707f0829ac48985
SHA1

114c89a2d3474fe241b28b3305bf23223ea092ca
SHA256

5c24bae92bf384919ac509f890f82f47c6e7e37fba0be2dfd6e37322b59f43a1
SHA512

e7de613521421bf8db975e10e2c5aa752dc92cb054cdd354ed68cd08dbd0f662c8e12e2b0a08159248f6d45966072561b9b7e6d723097603d29c08ab3920ee2c
SSDEEP

6144:LfI1k6XsHtVjVMesOPxUJ7bIMnss5X4f3FMR4ZRKQ8og6CEzV29JvbJ3i0zGzwBv:GZXsHvjVn5krssN4fFQFog6CCwH+av

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a6feb8f4d784ea06707f0829ac48985_JaffaCakes118

Files

4a6feb8f4d784ea06707f0829ac48985_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d0a0d9a8e6af3bad4ba992d8b9eaa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtTextOutA
CreateFontA
GetEnhMetaFilePaletteEntries
CreateFontIndirectA
GetObjectType
GetClipRgn
SetTextCharacterExtra
SetPixel
SelectPalette
ExtFloodFill
Rectangle
CreateICA
IntersectClipRect
SetTextAlign
DeleteObject
SetBkColor
GetPixel
CreateFontW
GetNearestPaletteIndex
GetDeviceCaps
DeleteEnhMetaFile
ScaleViewportExtEx
PlayEnhMetaFile
GetBrushOrgEx
FillPath
CreateEllipticRgn
ResizePalette
CreateDIBSection
GetTextMetricsA
OffsetViewportOrgEx
ExtCreatePen
BeginPath
CreatePen
Pie
LPtoDP
SetRectRgn
CreateSolidBrush
GetEnhMetaFileBits
GetTextCharsetInfo
DPtoLP
GdiFlush
GetEnhMetaFileHeader
SetMapMode
SetViewportOrgEx
SetROP2
SetWinMetaFileBits
PtVisible
GetTextExtentPoint32A
ExtSelectClipRgn
GetTextColor
SetAbortProc
StartPage
SelectClipRgn
GetClipBox
OffsetClipRgn
GetTextAlign
GetGlyphOutlineW
GetMapMode
StretchBlt
SaveDC
SetTextColor
CreateBitmap
GetStockObject
CreateDCW
ExtEscape
GetWindowOrgEx
GetObjectW
CopyEnhMetaFileW
ScaleWindowExtEx

msvcrt

acos
_global_unwind2
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_futime
feof
_copysign
_j0
strcmp
fflush
_mktemp
_rmdir

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31d0a0d9a8e6af3bad4ba992d8b9eaa2

Headers

File Characteristics

Imports

gdi32

msvcrt

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 499KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 499KB

.rsrc
Size: 48KB - Virtual size: 47KB