16216667dee5d908d5eb43e949e7c781_JaffaCakes118

General

Target

16216667dee5d908d5eb43e949e7c781_JaffaCakes118
Size

60KB
MD5

16216667dee5d908d5eb43e949e7c781
SHA1

2642cbe319201ca6447c2b67f36e46f7c9cc73e5
SHA256

faaf19c16afc0b34dbe82021a4a4be0e3d1bf79ad64fbcdf6d24eff6ba21c05e
SHA512

b96768811f1f9b84d18c1c109a9ab8b617607636184695d27f2fcf9820d5b2348f123de664bac9fa960972d53d1749ad6705f1c776756af7be318691266f61e4
SSDEEP

768:qfI0ajokPuy67vIlUPZojlFvJZ1Bo+TvJ4yvbx9VpIkK49OFD8dKRCN:qfvaVWygvIlUOl/i+T6yvF9skoFsKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16216667dee5d908d5eb43e949e7c781_JaffaCakes118

Files

16216667dee5d908d5eb43e949e7c781_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1a4c0068e5136528a08e68e0d8815c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
DebugBreak
EnumResourceNamesW
EnumResourceTypesW
ExitProcess
FindResourceExW
GetBinaryTypeW
GetEnvironmentStringsW
GetTempPathW
GetThreadSelectorEntry
GetTickCount
GlobalFindAtomA
HeapFree
OpenProcess
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadFile
ReadFileEx
RtlMoveMemory
SetEvent
SetFileTime
SetTapeParameters
SystemTimeToFileTime
WaitCommEvent
WriteFileGather
WriteTapemark
_lopen
lstrcpyA
lstrcpyW

user32

AdjustWindowRect
CharPrevW
CreateMenu
DdeUninitialize
DestroyMenu
DrawIconEx
EndDeferWindowPos
ExitWindowsEx
GetClientRect
GetMenuStringW
GetWindowModuleFileNameA
GrayStringA
HiliteMenuItem
LoadCursorW
LockWindowStation
MessageBoxIndirectW
RegisterSystemThread
SetMessageQueue
ValidateRect
WinHelpA

gdi32

CancelDC
CopyMetaFileA
CreatePatternBrush
EnumFontFamiliesExW
EnumICMProfilesW
ExtCreateRegion
ExtSelectClipRgn
ExtTextOutW
GetMapMode
GetOutlineTextMetricsA
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPointA
GetWindowExtEx
GetWorldTransform
LineTo
SetPixelV
SetROP2
SetViewportOrgEx
SetWindowOrgEx
UpdateICMRegKeyW

Sections

.text
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a4c0068e5136528a08e68e0d8815c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 20KB

.data Size: 52KB - Virtual size: 64KB

.idata Size: - Virtual size: 20KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 20KB

.data
Size: 52KB - Virtual size: 64KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: - Virtual size: 4KB