6957fc973e45d6362c9508297840332c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6957fc973e45d6362c9508297840332c_JaffaCakes118
Size

136KB
MD5

6957fc973e45d6362c9508297840332c
SHA1

6e52c02c3d9af028f9b3b4f3d2137a60eefba806
SHA256

c4eaf6517322d8c67f083aae15ca5c62c04c2ea8bc375b672a610fee1cc8cec4
SHA512

23667c36ee1739a3d33a37749bee492cf1a6a08ba345b4212efb0a318f36443242764e67692b9cf3bf70681f4012067173b3bc43bc73e49ce5df97aca788fe72
SSDEEP

3072:zsECkTUAq8oqBdjZGQ0MMopjFR4dm2dBbALbQYC:zsECkTJoqBdcfMvphuM2YLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6957fc973e45d6362c9508297840332c_JaffaCakes118

Files

6957fc973e45d6362c9508297840332c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

a38fd759161285eefde5082edd983ff3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

j-FA_r-CMDEMWPK0oo+MtNPiV3.pdb

Imports

gdi32

Ellipse
Polyline
GetStockObject
CreateDIBSection
ExtTextOutA
SetTextCharacterExtra
SaveDC
GetBkColor

rpcrt4

NdrConformantArrayMarshall

user32

SetMenu
MessageBeep
WindowFromPoint
GetInputState
PostMessageA

kernel32

CloseHandle
GetStringTypeExW
GetSystemWow64DirectoryW
OpenMutexW
ContinueDebugEvent
LockFileEx
GetQueuedCompletionStatus
SetEvent
GetLargePageMinimum
GetCommandLineW
GetCurrentThreadId
GetProcessPriorityBoost
GetVersion

oleaut32

VarCyCmp
VarCyFromR8

advapi32

CreatePrivateObjectSecurity
IsTokenRestricted
ClearEventLogA

setupapi

CM_Get_Device_Interface_List_SizeW

secur32

DeleteSecurityContext

shlwapi

ChrCmpIW

mprapi

MprAdminBufferFree

imm32

ImmReleaseContext

ole32

OleCreateDefaultHandler

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mkV
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a38fd759161285eefde5082edd983ff3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

rpcrt4

user32

kernel32

oleaut32

advapi32

setupapi

secur32

shlwapi

mprapi

imm32

ole32

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 4KB - Virtual size: 7KB

.mkV Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 488B

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 4KB - Virtual size: 7KB

.mkV
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 488B