38c78e03977df261ae7d982e1ec985dc_JaffaCakes118

General

Target

38c78e03977df261ae7d982e1ec985dc_JaffaCakes118
Size

2.2MB
MD5

38c78e03977df261ae7d982e1ec985dc
SHA1

01f628eeced3f407157b51036dc4d7781ac43b41
SHA256

3661f894245adc8f28bffa2f7cbb3dbc8b74872e249e8398ee38376ed597b3db
SHA512

fa81bd85254580005a1d1a9dac42665220d56714cbe46b055760b60adfed3288a4b0e336e9b6ba2db3cf06c62b7b19dda22ea35cece7a8f104d0d9d974d61e8f
SSDEEP

49152:pwJLYmzNHHi7sSDJEuAc55I0L4lEe4W63bi3slvOBj:yYmBiVtEehUSbW63eBj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38c78e03977df261ae7d982e1ec985dc_JaffaCakes118

Files

38c78e03977df261ae7d982e1ec985dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c9d149e9573f4df8526e4ec20a93b10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetSystemTime
RaiseException
GetShortPathNameW
FormatMessageW
GetCurrentProcess
GetBinaryTypeW
WriteConsoleOutputCharacterA
GetFileInformationByHandle
SwitchToFiber
CreateDirectoryA
ScrollConsoleScreenBufferA
GetShortPathNameA
GetStringTypeExW
SetProcessShutdownParameters
GetCommConfig
RemoveDirectoryW
ExpandEnvironmentStringsW
EnumDateFormatsW
SetHandleCount
SetConsoleWindowInfo
ClearCommBreak
_lread
PrepareTape
GetThreadContext
ConnectNamedPipe
ReadFileScatter
GetProcessTimes
SetCommMask
lstrcpynA
WriteProcessMemory
EnumCalendarInfoA
DosDateTimeToFileTime
GetCommState
GetUserDefaultLangID
Beep
GetConsoleCursorInfo
SetStdHandle
DeleteFiber
GetHandleInformation
WritePrivateProfileSectionA
InitializeCriticalSection
AreFileApisANSI
VirtualFree
SetEndOfFile
PeekNamedPipe
PulseEvent
AllocConsole
CreateMutexW
FlushConsoleInputBuffer

user32

GetTabbedTextExtentW
SetWindowLongW
SetMenuItemBitmaps
GetMenuStringW
GetDesktopWindow
DeleteMenu
GetClassLongW
EnableMenuItem
SystemParametersInfoA
DrawStateW
SetProcessDefaultLayout
ChangeClipboardChain
SetProcessWindowStation
CharToOemW
SetWindowPlacement
SetScrollRange

version

VerQueryValueA
VerInstallFileA
VerFindFileA

shell32

FindExecutableA
ExtractIconExW
Shell_NotifyIconW
ShellExecuteA

Sections

.text
Size: 41KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c9d149e9573f4df8526e4ec20a93b10

Headers

File Characteristics

Imports

kernel32

user32

version

shell32

Sections

.text Size: 41KB - Virtual size: 289KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 41KB - Virtual size: 289KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB