246d6487e8f8ae2f913218d0b0573782_JaffaCakes118

General

Target

246d6487e8f8ae2f913218d0b0573782_JaffaCakes118
Size

324KB
MD5

246d6487e8f8ae2f913218d0b0573782
SHA1

f6f66d7662805d3244be6e327ca2cb07135fbb63
SHA256

89dbb2bc7c786e48b53c0ca971d9e8c2cabe298ed0c00242a8a129820ec6b6f4
SHA512

6b670118caf1b783c03270f500ef05bbf8300b7312b413a9f3b00ec55e7905f84b5ea38de5f14661746bf635832c5bea3fa9bacef7168274dd87db6f8c0b4dc8
SSDEEP

6144:ieKGnR6sK/3FIUaEmhf1RaKUdS4jSgUotSnR8ntVHc2PGa5:ie5ZS3FIfHf18X04jdtSqn/c2ua

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
246d6487e8f8ae2f913218d0b0573782_JaffaCakes118

Files

246d6487e8f8ae2f913218d0b0573782_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ce8b95d71bf1930285051402156e36c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
VirtualProtect
lstrlenA
GetCommandLineA
ExitProcess
GlobalFindAtomW
EnumResourceLanguagesW
CreatePipe
WriteConsoleOutputAttribute
GlobalDeleteAtom
GetVersionExA
UnlockFileEx

user32

EnumDisplaySettingsExA
ArrangeIconicWindows
InflateRect
GetKeyboardLayoutNameA
EnumDisplayDevicesW
SetCaretPos
EnableWindow
CreateWindowStationW
GetClassNameW
TrackMouseEvent
SetClipboardData
GetForegroundWindow
DispatchMessageA

gdi32

SetLayout
GetStretchBltMode
DPtoLP
SetTextCharacterExtra
TextOutA
GetOutlineTextMetricsW
GetCurrentPositionEx
PolyBezierTo
CreateEllipticRgn
GetEnhMetaFileHeader
GetDeviceCaps
ExtCreateRegion
Rectangle
EnumMetaFile
GetTextCharacterExtra

advapi32

CloseServiceHandle
UnlockServiceDatabase
RegRestoreKeyA
RegGetKeySecurity

shell32

SHGetMalloc
ExtractIconExW
DuplicateIcon
Shell_NotifyIconA

ole32

StringFromIID
CoGetCallContext
CoInitialize
CreateItemMoniker

oleaut32

LoadTypeLi
VariantClear
DispGetIDsOfNames
VariantChangeTypeEx
SafeArrayAccessData
SysReAllocStringLen

comctl32

ImageList_Create
ImageList_Duplicate
ImageList_GetIconSize

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ce8b95d71bf1930285051402156e36c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 288KB - Virtual size: 284KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 288KB - Virtual size: 284KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 28KB - Virtual size: 24KB