297d31a506ef80901075f1f851e9f601_JaffaCakes118

General

Target

297d31a506ef80901075f1f851e9f601_JaffaCakes118
Size

44KB
MD5

297d31a506ef80901075f1f851e9f601
SHA1

f74f3c29d17d5b9c0d87ecab966c2fef24ed78df
SHA256

1492ff8cb39b1159d476beff6f072602b9473e171bf8cfc0f9e3d63dd7a6c471
SHA512

d9c152d99a76020aecb96357ab00a626a571883c4ec1aed47bb9d5e7ac9fbe53a67b9510dfd74a82f5eedd5a985b722e58d9c9bb7260e308d69adf8450b1e29c
SSDEEP

768:ZttVz1u52sTew0rtPKrK9cCyiaHtzWNc+hzV3xbwJOqlrLcqc6khOWxDyLa+X+f1:3TI52u05PKrtCJaHtKc+Z8kqlAgk0Wxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297d31a506ef80901075f1f851e9f601_JaffaCakes118

Files

297d31a506ef80901075f1f851e9f601_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da4902955e736e56fa313496183df738

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
VirtualProtect
GetPrivateProfileStringW
GetStdHandle
MoveFileExA
GetVersion
DosPathToSessionPathW
EnumDateFormatsA
HeapFree
SetThreadIdealProcessor
GlobalReAlloc
AddConsoleAliasW
GetProcessTimes
WaitForDebugEvent
LockFile
GlobalFlags
SetEvent
ReadConsoleInputW
SetLocalTime
MoveFileWithProgressW
CreateMutexA
DeleteTimerQueueEx
SetFileApisToOEM
GetThreadPriority
GetSystemDirectoryW
SwitchToFiber
GetLastError
DnsHostnameToComputerNameW
EnumSystemLocalesW
RegisterConsoleIME
HeapDestroy
RemoveDirectoryW

user32

LoadLocalFonts
GetInternalWindowPos
GetFocus
DdeAccessData
FlashWindowEx
UpdateWindow
BeginDeferWindowPos
ShowCursor
GetScrollInfo
EndTask
GetKeyboardLayoutNameA
SetInternalWindowPos
FindWindowW
DestroyMenu
TranslateMessageEx
GetDialogBaseUnits
MonitorFromRect
LoadStringW
SetRectEmpty
UnhookWinEvent

gdi32

GetAspectRatioFilterEx
RemoveFontResourceExW
EngCreateClip
GdiFlush
GetTextExtentExPointA
GdiCleanCacheDC
SelectClipRgn
EnumICMProfilesA
GetPolyFillMode
GdiTransparentBlt
StartFormPage
CreateCompatibleDC
EngGetDriverName
SetBkMode
SetPixelFormat
GdiConvertAndCheckDC
SetDIBitsToDevice
EngDeletePalette
PolyPatBlt
SetViewportExtEx
EngMarkBandingSurface
GetGraphicsMode
GetCharWidthFloatA
RectInRegion
EndDoc

comdlg32

GetFileTitleW
GetSaveFileNameA
ChooseFontA
PageSetupDlgA
dwLBSubclass
GetFileTitleA
PrintDlgA
WantArrows
FindTextA

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da4902955e736e56fa313496183df738

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 4KB