1c5b85046eae1692e5dc9b30ff6ecde5_JaffaCakes118

General

Target

1c5b85046eae1692e5dc9b30ff6ecde5_JaffaCakes118
Size

9KB
MD5

1c5b85046eae1692e5dc9b30ff6ecde5
SHA1

7b310cea5ca71e9fbeb0130360eb7436c04e39f9
SHA256

1825febb75bfb72033811b39cd9c3e9c317ecd357bb4925ce85e98b6635002c9
SHA512

c381d3b1ce17b6b50a42bef6b85fba52570a47091dee802faf6173d75eeee8d7494bd8fc8e49a2b59c77b5be82ee7c2f1d6f654f6a215fa978bdd7ea5e584563
SSDEEP

192:bGg5F9lVWz/6c0Mas7TJohBQ40HujMM3aWMKB8RWI/Ph:H53n4vt7TmhBQ40HujMMqWMKB8RWI/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c5b85046eae1692e5dc9b30ff6ecde5_JaffaCakes118

Files

1c5b85046eae1692e5dc9b30ff6ecde5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4c27b0e9ffdc91e0546cba08ca17459

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
FreeLibrary
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
lstrcatA
GetTickCount
GetStartupInfoA
CreateProcessA
GetThreadPriority
FindFirstFileA
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
GetACP
GetShortPathNameA
CancelIo
CreateFileA
GetCurrentProcess
GetProcAddress
GetFileInformationByHandle
SetFilePointer
GetCurrentThread
ReadFile
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

wsprintfA
ClientToScreen
GetCaretBlinkTime
GetTopWindow
ClipCursor
GetCapture
DestroyCaret
GetCursor
GetCaretPos
SetActiveWindow
GetActiveWindow
GetClipCursor

gdi32

PathToRegion
UnrealizeObject
EndDoc
BeginPath
GetBkColor
FillPath
AbortDoc
EndPath
GdiSetBatchLimit
StrokePath
CreateCompatibleBitmap
GdiGetBatchLimit
StrokeAndFillPath
GetBkMode
CancelDC
AbortPath
GetColorSpace
CreateCompatibleDC
CloseFigure
GdiFlush
EndPage
GetBrushOrgEx
StartPage
WidenPath
FlattenPath

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4c27b0e9ffdc91e0546cba08ca17459

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 536B

.reloc Size: 1024B - Virtual size: 942B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 536B

.reloc
Size: 1024B - Virtual size: 942B