32bf836a4f897ac2d3b92159626649ae_JaffaCakes118

General

Target

32bf836a4f897ac2d3b92159626649ae_JaffaCakes118
Size

145KB
MD5

32bf836a4f897ac2d3b92159626649ae
SHA1

f829dd561ecdcfe64a321398e53e19342e1d8b11
SHA256

15dfa71769b1f83ad5f5156f463fc6e4ae6134e63ce7bb3dd313f1ac7bad44f9
SHA512

463255c765d83f820e9c29b50d598378a60738d7e52b4c4c2c5f7deaec8bc16b54f91b07418353ecbb23ef0bcab23b241eeb3b845254fbeee193d2f327a0210f
SSDEEP

3072:ouboevp/3fOhl3cMswyeKndGntVC9LmKECe:EevpHOAMfendGtooKE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32bf836a4f897ac2d3b92159626649ae_JaffaCakes118

Files

32bf836a4f897ac2d3b92159626649ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e84420be777a42ed972a84ce01e0f12c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
VirtualProtect
UnlockFileEx
GetEnvironmentStrings
SetConsoleMaximumWindowSize
EnumSystemCodePagesW
InterlockedExchangeAdd
WriteConsoleOutputA
EnumSystemLanguageGroupsA
GetShortPathNameW
GetProfileStringW
GetWriteWatch
ProcessIdToSessionId
LocalShrink
RtlFillMemory
GetCommConfig
CancelWaitableTimer
lstrcpynW

user32

SetCursor
GetUpdateRgn
PostThreadMessageA
SendIMEMessageExA
MessageBoxW
GetWindowInfo
EnumPropsA
GetClassInfoA
OemKeyScan
WindowFromDC
CharPrevExA
ChangeDisplaySettingsW
IsWindowEnabled
InSendMessageEx
DrawStateA
FindWindowExW
DdeQueryNextServer
DlgDirSelectComboBoxExW

gdi32

GetLogColorSpaceW
GetTextExtentExPointWPri
RemoveFontResourceExW
PtVisible
GetCurrentPositionEx
FONTOBJ_pQueryGlyphAttrs
SetROP2
EnumObjects
CreateDIBPatternBrush
SetBkMode
GetEnhMetaFileBits
GetEnhMetaFileHeader
SetWorldTransform
SetDCPenColor
AddFontResourceW
SetDIBitsToDevice
AbortPath
TranslateCharsetInfo
PlayMetaFile
GetCharWidthFloatA
GetViewportExtEx
GetPath
XLATEOBJ_piVector
EngQueryLocalTime
CloseMetaFile
GdiPlayPrivatePageEMF

comdlg32

PrintDlgW
PrintDlgExA
GetSaveFileNameA
ChooseColorW
GetFileTitleA
ReplaceTextW
LoadAlterBitmap
PageSetupDlgW

Sections

.text
Size: 4KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e84420be777a42ed972a84ce01e0f12c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 164KB

.data Size: 137KB - Virtual size: 140KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 164KB

.data
Size: 137KB - Virtual size: 140KB

.idata
Size: 3KB - Virtual size: 4KB