38047b527bebb9aa9fd41408d16284d8_JaffaCakes118

General

Target

38047b527bebb9aa9fd41408d16284d8_JaffaCakes118
Size

77KB
MD5

38047b527bebb9aa9fd41408d16284d8
SHA1

43c0dd40f1a32b7c9bb1933809815004c39c19a8
SHA256

2256a0a2b3dddbf20c534b46d5349a61decd0b45b2abd1a12c0b28871c775fa9
SHA512

9e5c18a220959f54e6ef3eef9eda5352ae0fc5af23769e42f1fcfdb3c0b9d32e77ce19229e48cbcc7c4626026ba2dbd3b84935796848c36ce42d2b577aea8267
SSDEEP

1536:NB8C9CqKmJpBbW2MCHTCwywoKxXNTCwywoKxXH:NB8PqKmdpMCzCpw5RCpw5H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38047b527bebb9aa9fd41408d16284d8_JaffaCakes118

Files

38047b527bebb9aa9fd41408d16284d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45ebe69c29730d834a85b77b14279386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputExW
VirtualProtect
DeleteCriticalSection
MapViewOfFileEx
HeapCreateTagsW
LockFileEx
LoadLibraryW
MoveFileWithProgressW
GetNextVDMCommand
GetLastError
GetStringTypeW
EnumSystemLanguageGroupsA

user32

EnumClipboardFormats
DdeQueryConvInfo
DestroyMenu
ValidateRgn
AdjustWindowRectEx
GetMessageExtraInfo
TrackPopupMenuEx
SetProcessWindowStation
GetClassInfoA
SetWindowContextHelpId
UserClientDllInitialize
SetCursor
LoadBitmapW
GetWindowLongA
EnumPropsW
EnumWindows
GetClassWord

gdi32

AbortDoc
EngQueryEMFInfo
StrokePath
FontIsLinked
EngDeleteClip
DeleteObject
EngLockSurface
GetCharWidthA
RemoveFontResourceW
CopyMetaFileW
GetCharABCWidthsFloatA
SetBrushOrgEx
SetTextJustification
LineDDA
GdiQueryTable
EngCreateBitmap
DeviceCapabilitiesExW
SetVirtualResolution
StartDocW
CreateFontIndirectExA
GetPaletteEntries
GdiGetPageHandle
GdiPlayDCScript
SetICMMode
GetGlyphOutlineWow
CreateRoundRectRgn
GetCurrentObject
EngAlphaBlend
GetRandomRgn

comdlg32

PrintDlgExA
PageSetupDlgA
ChooseColorW
GetSaveFileNameA
PrintDlgW
ReplaceTextW
PrintDlgA
Ssync_ANSI_UNICODE_Struct_For_WOW
FindTextW
ChooseColorA
PageSetupDlgW
CommDlgExtendedError
LoadAlterBitmap
GetFileTitleW
WantArrows
ReplaceTextA
FindTextA
PrintDlgExW
GetOpenFileNameW

Sections

.text
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45ebe69c29730d834a85b77b14279386

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 92KB

.data Size: 17KB - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 92KB

.data
Size: 17KB - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 4KB