2945e71d4af1f6b2798b1a1894a8f2ab_JaffaCakes118

General

Target

2945e71d4af1f6b2798b1a1894a8f2ab_JaffaCakes118
Size

39KB
MD5

2945e71d4af1f6b2798b1a1894a8f2ab
SHA1

ab4545ee2d27c771eadcdcd9a14fa782ed787e7d
SHA256

bb61f2fec8a598da958d42f04a1b14f33c7fa7880a647f965ebcb092eea1b88a
SHA512

830865bb1fb9bdb62a60296d0049d060547079592e6fbbb57b75422b50d33445e6683f34374609edb90947279e6133cf95ce12e43861a59c8c49565835ac1c8a
SSDEEP

768:yChKHJ78YMIEHfEl7gSE9zldF3KhAm4YuVC5gIE8DAGax4:yDgjMI9pdFWmA68Lax

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2945e71d4af1f6b2798b1a1894a8f2ab_JaffaCakes118

Files

2945e71d4af1f6b2798b1a1894a8f2ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b041b8e333fe001ecb16b4743f440f68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
ConnectNamedPipe
CreateDirectoryExW
CreateDirectoryW
EnumDateFormatsW
ExitProcess
GetDiskFreeSpaceExA
GetLocalTime
GetLogicalDriveStringsA
LocalFileTimeToFileTime
LocalSize
OutputDebugStringW
Process32Next
RtlZeroMemory
SetErrorMode
Thread32Next
TlsGetValue
WriteConsoleOutputCharacterW
WriteFile
WritePrivateProfileStringW
_lcreat
lstrcatW

user32

AppendMenuA
BringWindowToTop
ClipCursor
DdeAbandonTransaction
DdeDisconnect
DlgDirSelectComboBoxExW
DrawAnimatedRects
EnumChildWindows
EnumDisplayMonitors
EnumDisplaySettingsA
GetClipboardData
GetKeyNameTextA
GetScrollRange
GetTabbedTextExtentA
IsCharAlphaNumericA
KillTimer
OpenClipboard
PtInRect
SetRect
SetWindowWord
ValidateRect
WINNLSGetEnableStatus
wsprintfW

gdi32

CombineTransform
CreateColorSpaceA
CreateMetaFileA
CreateScalableFontResourceA
DPtoLP
DeleteMetaFile
EnumICMProfilesW
FrameRgn
GetBrushOrgEx
GetCharWidthA
GetColorAdjustment
GetCurrentObject
GetEnhMetaFileW
GetFontData
GetMapMode
GetMetaRgn
GetObjectW
GetOutlineTextMetricsA
GetPaletteEntries
GetPath
GetPixelFormat
GetTextCharacterExtra
RemoveFontResourceA
RemoveFontResourceW
SetBrushOrgEx
SetDIBits
WidenPath

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b041b8e333fe001ecb16b4743f440f68

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 38KB - Virtual size: 48KB

.rdata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 38KB - Virtual size: 48KB

.rdata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 8KB