38fbee882325405edaedda25851d3f92_JaffaCakes118

General

Target

38fbee882325405edaedda25851d3f92_JaffaCakes118
Size

42KB
MD5

38fbee882325405edaedda25851d3f92
SHA1

448d3ef0b101e97a15ffe3e0736f1c8a12c8e6b2
SHA256

d40341b874340c4156658f8a6977964d568982cf693639b0dc6be28b4cd683b0
SHA512

94512a5d281cfa70c035bf945dcfd40ff42e75073b9569434b34e6242b22fb06e64e848192e90b65d674f629550df24494b6abe32ea830848a4598a3d37ca0ed
SSDEEP

768:2xUr9hefrcAgR+RIKF0CEwSJYCEBPvh7M:WozEi2DSpEvhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38fbee882325405edaedda25851d3f92_JaffaCakes118

Files

38fbee882325405edaedda25851d3f92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

413d26db369b43efc5298b3d751a83fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
SetFileApisToOEM
SetConsoleTitleW
CloseProfileUserMapping
Process32First
CreateHardLinkW
lstrcatA
GetCompressedFileSizeA
GlobalLock
ExpandEnvironmentStringsW
SetErrorMode
ReadConsoleOutputAttribute
GetConsoleAliasExesA
ReadConsoleInputW
Process32FirstW
WaitForDebugEvent
HeapReAlloc
CloseConsoleHandle
ReadFileScatter
GetTempPathA
GetCPInfoExA
GetBinaryTypeA
GetAtomNameA
GetProfileSectionA
GetConsoleFontSize
GetPrivateProfileSectionW
RegisterWaitForSingleObjectEx

user32

SetCursor
IsRectEmpty
RegisterClassExW
SetMenuItemBitmaps
CallWindowProcW
GrayStringA
FindWindowA
FillRect
GetAncestor
DdeGetQualityOfService
MessageBoxW
GetDlgItemInt
DlgDirSelectExA
UnloadKeyboardLayout
DdeEnableCallback

gdi32

GetEnhMetaFileHeader
GetTextFaceA
CreateBitmap
UpdateColors
GetDeviceCaps
GdiEntry11
GdiEntry5
CreatePalette
PolyBezier
GdiPlayEMF
EngQueryLocalTime
OffsetWindowOrgEx
EngMarkBandingSurface
GetCurrentPositionEx
SetPixelFormat
PaintRgn
SetViewportExtEx
GdiResetDCEMF
GetTextExtentPointA
SetROP2
DeleteEnhMetaFile
Chord
RestoreDC
GetGlyphOutlineA
EngStretchBltROP
EngLineTo
GdiIsMetaPrintDC
SetMiterLimit
EndPath
EnumObjects

comdlg32

PrintDlgExW
PageSetupDlgA
CommDlgExtendedError
PrintDlgA
ChooseColorA
Ssync_ANSI_UNICODE_Struct_For_WOW
GetFileTitleW
dwLBSubclass
FindTextW
GetOpenFileNameW

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

413d26db369b43efc5298b3d751a83fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB