280b1839172c40b483ea66d427977386_JaffaCakes118

General

Target

280b1839172c40b483ea66d427977386_JaffaCakes118
Size

9KB
MD5

280b1839172c40b483ea66d427977386
SHA1

aad2113242ed178bdf5f3ce8da53f1d6fe73bbf1
SHA256

9d877675ffba2691f846541a8e74a462bca1cf3e97e1c91386b8a8c1b28100f9
SHA512

aa3313b9fbe19603a5512746907c7917a4f66724bfc71f1a7b6303d3fd8fa6215d5d3388b10fa03478938a603669ae005a9327b87261b4f6d1c4d1baf3feb1c4
SSDEEP

192:bHdtM8crwNAObcBBFW+lUhfIGpzRWuDVQ:JjI0AacBBeQGpzRWue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280b1839172c40b483ea66d427977386_JaffaCakes118

Files

280b1839172c40b483ea66d427977386_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3f79f2d1f2c5d41929307e2d63902e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
LoadLibraryA
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
FreeLibrary
lstrcatA
GetCurrentProcessId
GetACP
GetStartupInfoA
GetProcAddress
CreateProcessA
FindFirstFileA
GetCurrentThreadId
GetCurrentThread
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetThreadPriority
GetFileInformationByHandle
SetFilePointer
ReadFile
CancelIo
CloseHandle
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

SetActiveWindow
wsprintfA
GetCapture
DestroyCaret
GetActiveWindow
ClientToScreen
GetTopWindow
GetCursor
GetClipCursor
ClipCursor
GetCaretPos
GetCaretBlinkTime

gdi32

WidenPath
CancelDC
UnrealizeObject
AbortPath
StrokePath
GetBkColor
PathToRegion
CloseFigure
StrokeAndFillPath
GetBrushOrgEx
EndPage
FillPath
GdiFlush
CreateCompatibleDC
CreateCompatibleBitmap
GetColorSpace
StartPage
FlattenPath
GdiGetBatchLimit
EndPath
GdiSetBatchLimit
BeginPath
EndDoc
GetBkMode
AbortDoc

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3f79f2d1f2c5d41929307e2d63902e5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 368B

.reloc Size: 1024B - Virtual size: 846B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 368B

.reloc
Size: 1024B - Virtual size: 846B