1b9e6b5d5b17cb48ba7abbc37ca45437_JaffaCakes118

General

Target

1b9e6b5d5b17cb48ba7abbc37ca45437_JaffaCakes118
Size

228KB
MD5

1b9e6b5d5b17cb48ba7abbc37ca45437
SHA1

2dc8938c3cd464ebe5afbc28dc48ff83404c90c4
SHA256

fd740acc47da688c746729797425e13e651b3e1f1ce5db3b290d5d0ac8924398
SHA512

ef5476b2e75e020fb59f7ebaa6fe9a9be104ff5b43f2eac6c331440283ae03e48166263ece8c434e117b32273ba3830b71c2bd7f6a046cacf5ef7a9a299fdcaf
SSDEEP

6144:xEGBNTTdWijt+DDEWVzLhPS8YiS5/CSOpvISEwb:nBNTTdWjDDhzLhPJrS6vISEw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b9e6b5d5b17cb48ba7abbc37ca45437_JaffaCakes118

Files

1b9e6b5d5b17cb48ba7abbc37ca45437_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2caa2c282accd4e637637208ddd6cfca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ConnectNamedPipe
CreateMutexA
CreateWaitableTimerA
DefineDosDeviceA
ExitProcess
FindFirstChangeNotificationA
FlushViewOfFile
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetDefaultCommConfigA
GetEnvironmentStrings
GetEnvironmentVariableA
GetTapePosition
GlobalAddAtomW
HeapDestroy
IsBadStringPtrA
LocalReAlloc
MulDiv
SetCurrentDirectoryW
SetFilePointer
SetLocaleInfoW
SwitchToFiber
TlsAlloc
WriteFileGather
_lclose
lstrcpynW

user32

ChangeDisplaySettingsExA
CharToOemBuffW
DefMDIChildProcA
DlgDirListA
EnumDesktopsW
EnumDisplayDevicesA
EnumWindowStationsW
GetAltTabInfo
GetClipboardFormatNameW
GetDCEx
GetMenuDefaultItem
GetMenuState
GetScrollInfo
GetWindowModuleFileNameA
HideCaret
IMPSetIMEW
InvertRect
IsWindow
IsZoomed
LookupIconIdFromDirectoryEx
MapDialogRect
RegisterClassExA
RegisterDeviceNotificationW
SetMenuItemBitmaps
SetMessageQueue
SetRectEmpty
TileWindows

gdi32

AddFontResourceA
BeginPath
CombineTransform
CopyEnhMetaFileA
CreateColorSpaceW
CreateMetaFileA
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
DescribePixelFormat
GdiPlayJournal
GetCharWidth32A
GetCharWidthA
GetCharWidthW
GetGlyphOutlineW
GetObjectA
GetOutlineTextMetricsA
GetTextCharacterExtra
MaskBlt
SetBitmapBits
SetBitmapDimensionEx
SetICMProfileA
SetMagicColors
SetWindowExtEx
StrokeAndFillPath
SwapBuffers
WidenPath

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2caa2c282accd4e637637208ddd6cfca

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 226KB - Virtual size: 232KB

.rsrc Size: 1024B - Virtual size: 236KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 226KB - Virtual size: 232KB

.rsrc
Size: 1024B - Virtual size: 236KB