31c09d78ac516a3f1f94d3ba9093896e_JaffaCakes118

General

Target

31c09d78ac516a3f1f94d3ba9093896e_JaffaCakes118
Size

26KB
MD5

31c09d78ac516a3f1f94d3ba9093896e
SHA1

71e04b06c8014ccb31c87d6603aec8a0916b4d7f
SHA256

6131ba32aa587295ed056fa7b9b26401815d9851b6f22d45ebe9defe44a9a275
SHA512

2ae9160eb3b76bc7d20de3907f4fd726ea4dbae880acf3082c57822d38d38fd36af96793fbee65539e8b04c85e352698c390dd3ba96889d6ca9154f6882e738c
SSDEEP

384:xt2d3a3022XSl7tBUeo/KcWuLoeiePpkeyaX+N+YQZStvuL:XwSlJBUe+KsLoORkeyaX+cpZEi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31c09d78ac516a3f1f94d3ba9093896e_JaffaCakes118

Files

31c09d78ac516a3f1f94d3ba9093896e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

065c75e206b16635d28a603c44c85d12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
VirtualProtect
GetBinaryType
EnumResourceNamesA
GetConsoleAliasExesA
SetEvent
GetLastError
GetSystemDefaultLangID
SetConsoleIcon
ReleaseMutex
UTUnRegister
GetUserDefaultLCID
SetVolumeLabelW
LeaveCriticalSection

user32

DestroyWindow
GetMenuState
GetKeyboardLayoutNameA
ScrollDC
CharUpperW
LoadKeyboardLayoutA
ShowWindow
SetWindowsHookExA
GetClassLongA
LoadIconA
DrawFrame
CallWindowProcA
DeleteMenu
SetWindowPlacement
UnloadKeyboardLayout
GetClipboardFormatNameA
MapVirtualKeyW
InvertRect
GetClassLongW
DdeAddData
SendMessageA
InflateRect
DrawStateW
UnregisterClassA
TranslateAcceleratorW
MessageBoxIndirectA
WINNLSEnableIME
UserHandleGrantAccess
CheckRadioButton
EnumChildWindows

gdi32

SetMiterLimit
EnumICMProfilesA
SelectPalette
SetDIBitsToDevice
PolyTextOutA
FONTOBJ_pvTrueTypeFontFile
GetCharacterPlacementW
GetCharWidth32A
LineTo
GetDCPenColor
DPtoLP
DrawEscape
ExtFloodFill
GdiStartDocEMF
GetCharWidthFloatA
GetMetaFileBitsEx
GetStringBitmapA
STROBJ_vEnumStart
FONTOBJ_pQueryGlyphAttrs
GdiPlayEMF
GetTextCharset
CreatePenIndirect
PolyPatBlt
GdiAddGlsRecord
GetGlyphOutlineA
CreateBitmap

comdlg32

dwLBSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
PrintDlgA
ChooseFontA
GetSaveFileNameW
FindTextW
PrintDlgExW
ReplaceTextA
ChooseColorA
PageSetupDlgA
GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

065c75e206b16635d28a603c44c85d12

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 32KB

.data Size: 18KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 32KB

.data
Size: 18KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 4KB