281e5ed21f9d541bd0f4e2b35d244d2a_JaffaCakes118

General

Target

281e5ed21f9d541bd0f4e2b35d244d2a_JaffaCakes118
Size

211KB
MD5

281e5ed21f9d541bd0f4e2b35d244d2a
SHA1

3373634f19df05452dbf0bbdd68a885951045477
SHA256

d792421876c22b159ae428d41109a815a747aa269b86b70d7fc232faa73e613e
SHA512

cf516b6714390cae0e2ecd83b80dd04cdea8f7ec4091e74adf4588db558e9576f30f13a3e9b74fcc087b35ad57f4898dffff86e25062211cb8e6c98e6d4d99e0
SSDEEP

3072:6wJr0aUc0XyvfvTkS3Gz/JEW/IbF3uhzZKK4UFQk4hRBsTNyQ6o/e00e:6wJBu+jkSyEW/rRrNFCgNyQ6Nk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
281e5ed21f9d541bd0f4e2b35d244d2a_JaffaCakes118

Files

281e5ed21f9d541bd0f4e2b35d244d2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19100ee7393cc95923b1deb687a5488f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
DeviceIoControl
FileTimeToLocalFileTime
FindNextFileW
FreeLibrary
FreeResource
GetCommandLineW
GetEnvironmentStringsW
GetFileSize
GetLocaleInfoA
GetStartupInfoA
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
LCMapStringA
LocalFree
RtlUnwind
SetThreadLocale
TlsSetValue
WriteConsoleA

user32

CallWindowProcA
CheckMenuItem
CreateMenu
DrawEdge
DrawIcon
DrawTextA
EnableWindow
EndDialog
EndPaint
FrameRect
GetCursorPos
GetIconInfo
GetMenuItemID
GetWindowThreadProcessId
LoadStringA
PostQuitMessage
ReleaseCapture
SetPropA
ShowWindow
UnhookWindowsHookEx

gdi32

BitBlt
CreateFontW
CreateRectRgn
EnumFontsA
ExtCreateRegion
FillRgn
GetEnhMetaFilePaletteEntries
GetObjectType
LineDDA
OffsetViewportOrgEx
RealizePalette
SetWindowExtEx
StretchDIBits

shell32

ExtractIconA
ExtractIconExA
SHBindToParent
SHBrowseForFolderW
SHChangeNotify
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderLocation
SHGetPathFromIDList
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

LaSnA1GS
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19100ee7393cc95923b1deb687a5488f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

LaSnA1GS Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

LaSnA1GS
Size: 2KB - Virtual size: 120KB