161b9dedf4e15d22715b548e0e3602db_JaffaCakes118

General

Target

161b9dedf4e15d22715b548e0e3602db_JaffaCakes118
Size

88KB
MD5

161b9dedf4e15d22715b548e0e3602db
SHA1

e3656666172ae8383bec3dfbc5f4171887ae1a22
SHA256

17f61ceb559f8caac03283c95bf31b8b194b42cc2e7ac7f506082e562e6eafe4
SHA512

3d389c1de0a6d5963bd7fde3badbc9ceed40bec06555147adb47714138a81902ed85dcf3c7f51f4845a3ba3b5d2f01f4d35fefb30435f0ffbac6286e15c638f9
SSDEEP

1536:rpqtif1s63V5otPNkGx4D9vRdlAj9WlkFYcJcI+CEBMAkbBQTnm85PoY:rp+K1r3V5otVPx4JpdlAjTdQCLAkNQT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161b9dedf4e15d22715b548e0e3602db_JaffaCakes118

Files

161b9dedf4e15d22715b548e0e3602db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1f2e053afbfe83013973f8b22066f36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
ChooseFontW

user32

DrawIconEx

kernel32

HeapReAlloc
SystemTimeToFileTime
SetThreadAffinityMask
SetFileApisToANSI
SetDefaultCommConfigA
BeginUpdateResourceA
CloseHandle
EnumSystemLanguageGroupsA
ExitProcess
GetACP
GetAtomNameW
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetThreadPriorityBoost
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapCreate
MapUserPhysicalPages

ole32

CoCreateInstance
CLSIDFromString
StringFromGUID2

dbghelp

vc7fpo
SymSetSearchPath
SymSetContext
SymGetModuleBase
SymGetLineFromName
ImagehlpApiVersion
ImageRvaToSection
FindFileInSearchPath
FindFileInPath
DbgHelpCreateUserDumpW

comctl32

UninitializeFlatSB
FlatSB_ShowScrollBar
FlatSB_SetScrollRange
InitializeFlatSB
ImageList_SetFlags
ImageList_ReplaceIcon
GetMUILanguage
ImageList_LoadImageA
ImageList_GetIcon
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_DragMove
ImageList_Add
FlatSB_GetScrollPos

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1f2e053afbfe83013973f8b22066f36

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

ole32

dbghelp

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB