2240dbf824d33978f05a17cab292e0f9_JaffaCakes118

General

Target

2240dbf824d33978f05a17cab292e0f9_JaffaCakes118
Size

89KB
MD5

2240dbf824d33978f05a17cab292e0f9
SHA1

69276497460c080f0f6df53fc1afc2462f8cd61d
SHA256

7a9d4a4213ccb0443d86353bacdb3ba4572a836f2d526ffda7c0886c0c9e0d22
SHA512

8217cf1a8ba9308d47be82928dc05f87e19f06ed0adaab3c902dbe314a3ec087e9ecbb501f6ca3927e350a4070c6bc0e3378b30be92f42928b265a3bd33a2245
SSDEEP

384:DeoUgQp3p7TMtK4Vm9zrCNQakDF5FwVfGXTqu8dQnzYU:aoUgQp3p7gFVm9ze1keVfs8d2Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2240dbf824d33978f05a17cab292e0f9_JaffaCakes118

Files

2240dbf824d33978f05a17cab292e0f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7722a916de0f9d088287553b4e7d75c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoA
MoveFileWithProgressW
GetPrivateProfileStructW
GetProfileIntW
GetPrivateProfileSectionA
ReadConsoleOutputCharacterA
FindFirstChangeNotificationA
WriteProfileStringW
GetCPInfoExA
CreateSemaphoreA

user32

DrawTextA
GetTabbedTextExtentA
RegisterDeviceNotificationA
SetWindowsHookExA
LoadKeyboardLayoutW
GetClassLongA
LoadCursorA
OemToCharBuffW
RemovePropA
RegisterClipboardFormatA

gdi32

GetCharWidthFloatA
GetCharacterPlacementA
GetObjectA
GetMetaFileA
StartDocA
GetKerningPairsW

Sections

.data?
Size: 16KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 881B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticode
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b7722a916de0f9d088287553b4e7d75c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.data? Size: 16KB - Virtual size: 96KB

.icode Size: 2KB - Virtual size: 4KB

.fasm Size: 1024B - Virtual size: 894B

.data? Size: 1024B - Virtual size: 881B

.ticode Size: 60KB - Virtual size: 60KB

.data?
Size: 16KB - Virtual size: 96KB

.icode
Size: 2KB - Virtual size: 4KB

.fasm
Size: 1024B - Virtual size: 894B

.data?
Size: 1024B - Virtual size: 881B

.ticode
Size: 60KB - Virtual size: 60KB