00e0d8b8f9e02828739ab9a8f7020b94_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00e0d8b8f9e02828739ab9a8f7020b94_JaffaCakes118
Size

42KB
MD5

00e0d8b8f9e02828739ab9a8f7020b94
SHA1

608a01985e1c26e242e62a1585f3f409d48a43d2
SHA256

dfb3a773668e9a9242195c164b4221a9e5ee72abbf0fb6f44cd2027eb6c004e2
SHA512

37174acfa6becf1110fa1dcf8326bf3280960d9be558ee1bea95ac283020c897eed39004f7b4e9086e80720abea188234878e59cce923a1882771f25c7028f08
SSDEEP

768:Z2aiDYPbm9EHt15zy3xUXSslmoIns8tPNglKNpMxpP:ZO0T+AluxUCslmomsMNglKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00e0d8b8f9e02828739ab9a8f7020b94_JaffaCakes118

Files

00e0d8b8f9e02828739ab9a8f7020b94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ee4334212636d598ba7f05db6fe0806

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
UnregisterWait
SetConsoleTitleW
Process32FirstW
MoveFileWithProgressA
VirtualProtect
LockResource
SetThreadContext
SetThreadLocale
GetProcessVersion
SearchPathA
DosPathToSessionPathW
EnumResourceTypesA
ResetEvent
WriteProfileSectionA
InterlockedCompareExchange
SetComputerNameW
GetDevicePowerState
FatalAppExitA
DeleteVolumeMountPointW

user32

SetCursor
CallMsgFilterW
GetClassWord
PrivateExtractIconsA
GetWindowWord
ModifyMenuW
CreateDialogParamA
GetKeyNameTextW
GetClassInfoExA
GetUserObjectInformationA
DefFrameProcW
GetCursor
SetWindowContextHelpId
GetKBCodePage
SetRectEmpty
IsChild
OffsetRect
GetGuiResources
DefWindowProcA
DdeDisconnectList
SetMenuItemInfoW
GetTopWindow
MessageBoxExA
GetDoubleClickTime
SetWindowWord
VkKeyScanExW
ShowStartGlass
EnumPropsW
TranslateAccelerator
DdeGetQualityOfService
IMPGetIMEA
MapVirtualKeyExW

gdi32

PATHOBJ_vGetBounds
GetMetaRgn
CloseFigure
GetKerningPairsA
STROBJ_bEnum
RealizePalette
EnumFontFamiliesExW
GdiEndDocEMF
AddFontResourceA
LineDDA
EngCreateDeviceSurface
IntersectClipRect
AnimatePalette
EnumEnhMetaFile
GdiPlayPageEMF
SetBrushOrgEx
EngQueryEMFInfo
FontIsLinked
GetMetaFileA
GetTextCharacterExtra
GetTextExtentPointW
SetLayout
GdiEntry13
SetArcDirection
GetArcDirection
GetCharWidthI
GdiPrinterThunk
CLIPOBJ_ppoGetPath
EngUnicodeToMultiByteN
GetPixelFormat
STROBJ_dwGetCodePage

comdlg32

PrintDlgW
GetFileTitleA
FindTextA
dwOKSubclass
WantArrows
PageSetupDlgW
GetSaveFileNameA
ReplaceTextW
ChooseColorW
ChooseFontW
LoadAlterBitmap

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ee4334212636d598ba7f05db6fe0806

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB