1583bac68b2e747df57856d2bd312c5e_JaffaCakes118

General

Target

1583bac68b2e747df57856d2bd312c5e_JaffaCakes118
Size

41KB
MD5

1583bac68b2e747df57856d2bd312c5e
SHA1

1f213f22e5b5d9b9e2cfd545c9434a2789fc654a
SHA256

57ef51f498347f18ba7c19fb254c11f507297e90c606ba55842c3053010030a9
SHA512

f9fb87699e2479137b4bfba1bc3048c3822ccfbf93c4b772b7125da0d37988e5d5693c70b05d6b8651c5c46c07acf64a437fb5f85eb62741256bc0173c38ef3b
SSDEEP

768:Qmr9v1NkMKu6nUK07/R6sZwpzYIoFhdoy47a3N7LxqxN652EEuf73vqPGkOuVeHP:Jr9v1NOdnIR6sWpKXdkahebERCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1583bac68b2e747df57856d2bd312c5e_JaffaCakes118

Files

1583bac68b2e747df57856d2bd312c5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97d686849e286541d7a70250513c118c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelDeviceWakeupRequest
ExitProcess
GetAtomNameW
GetCurrencyFormatW
GetExitCodeThread
GetModuleFileNameW
GetProcessHeap
GetShortPathNameA
Heap32ListNext
IsProcessorFeaturePresent
MoveFileA
OpenMutexW
OpenWaitableTimerA
SetCalendarInfoW
SetThreadContext
SignalObjectAndWait
Toolhelp32ReadProcessMemory
TransactNamedPipe
VirtualProtectEx
WriteConsoleInputA
lstrcatA
lstrcpy
lstrcpynA
lstrcpynW

user32

CascadeChildWindows
CheckMenuRadioItem
ClientToScreen
CreateMenu
CreateWindowStationW
DefMDIChildProcA
DialogBoxParamA
EndPaint
GetClassLongA
GetKeyNameTextA
GetMonitorInfoA
GetNextDlgGroupItem
GetTopWindow
GetUserObjectSecurity
IsWindowVisible
LoadStringW
PostQuitMessage
RegisterClipboardFormatW
ReleaseCapture
SetCaretPos
SetClassLongA
SetFocus
SetProcessWindowStation
SetScrollRange
SetUserObjectSecurity
SetWindowsHookExW
ShowScrollBar
ToUnicode

gdi32

Chord
CreateRectRgnIndirect
EndPath
EnumFontFamiliesA
EnumFontFamiliesW
GdiSetBatchLimit
GetCharABCWidthsA
GetCharWidthFloatA
GetCharacterPlacementW
GetDIBits
GetEnhMetaFileA
GetGlyphOutline
GetObjectA
GetTextMetricsW
InvertRgn
LPtoDP
OffsetViewportOrgEx
PlayMetaFileRecord
PolyPolyline
PolyTextOutW
SetLayout
SetMapperFlags
SetTextAlign

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97d686849e286541d7a70250513c118c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 40KB - Virtual size: 52KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 40KB - Virtual size: 52KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 4KB