39ccd95c3d79231aa062a26fbc66685d_JaffaCakes118

General

Target

39ccd95c3d79231aa062a26fbc66685d_JaffaCakes118
Size

163KB
MD5

39ccd95c3d79231aa062a26fbc66685d
SHA1

5e9d7c22b416492309967e4b00bcd7274549fc98
SHA256

fd1af46c9a08f230cf570c2a464d9df2ed4674768ac4229b9d0ecc3cc010a794
SHA512

0ee232d2d0970844ad5c6a6712aaf671e173c7523c58f8f05d5ce5a587480bea5879840db9f4725d40f08b7dbdfb34f5e9bfb26ceb935ce2914372ad0d880073
SSDEEP

3072:GhSp2qdB1QAoMk11wk83HIeJnz3J3IzMYUABBxQM98EBEg/3BN95PYe7Y1t:NVdfEwf3FV3IoyxHga395PYeO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39ccd95c3d79231aa062a26fbc66685d_JaffaCakes118

Files

39ccd95c3d79231aa062a26fbc66685d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fdd268da30cb1c6e7b06b9578b8454e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AngleArc
GetStockObject
CreateRectRgn
LineTo
CreatePen
RectVisible
GetTextExtentPoint32W
EnumFontFamiliesExW
ExcludeClipRect
CombineRgn
IntersectClipRect
GdiSetPixelFormat
CreateDCA
AngleArc

kernel32

GetCommandLineA
ExitProcess
GetLastError
CopyFileW
GetModuleHandleA
VirtualAlloc
GetTickCount
GlobalHandle
GetVersion
GetCurrentProcess
VirtualFree
GetModuleFileNameA
GetFileType
GetLastError
VirtualFree
VirtualAlloc
GetCommandLineA
GetCurrentProcess
GetTickCount
lstrlenA
GetModuleFileNameA
InitializeCriticalSection
GetCurrentThreadId
ExitProcess
GetModuleHandleA
GetVersion

msvcrt

sprintf
_exit
_onexit
_cexit

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

ntdll

_alloca_probe
NtQuerySystemInformation
NtRequestWaitReplyPort
RtlFreeHeap

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fdd268da30cb1c6e7b06b9578b8454e

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

version

ntdll

Sections

.text Size: 7KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 27KB

.rdata Size: 64KB - Virtual size: 380KB

.edata Size: 63KB - Virtual size: 63KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 27KB

.rdata
Size: 64KB - Virtual size: 380KB

.edata
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 16KB - Virtual size: 16KB