3f6f8c165fc0b6c38ab99056820780a6_JaffaCakes118

General

Target

3f6f8c165fc0b6c38ab99056820780a6_JaffaCakes118
Size

476KB
MD5

3f6f8c165fc0b6c38ab99056820780a6
SHA1

7d1184c2f58c8d93940c39e12553fdbd47a9a7ac
SHA256

e295f6545b7abaf7bdd27da9e3a35016fdd7f005b6be6aa5a7e71fbbb523b603
SHA512

0ab2502784afc8073a233745d9c8ca260661aded265c4bc6b6446e16e9603d55d9ab07b5ada444c4550d142df6c38d82f8e76ab129ffb3da96d1e237096797e4
SSDEEP

6144:Qrd0QtgkPpZWPGXog5lrP4G2GdaMzoiRIR1Ge2xXqqzvPH13+/DK:od0GqPGXxrPcGJowIR12aCPVIK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f6f8c165fc0b6c38ab99056820780a6_JaffaCakes118

Files

3f6f8c165fc0b6c38ab99056820780a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa5290c132be9ccda708c952f8ee5a32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

AllocConsole
AreFileApisANSI
ConvertDefaultLocale
CreateEventW
CreateFiber
CreateFileMappingW
DebugBreak
EnumTimeFormatsA
ExitProcess
GetCompressedFileSizeA
GetCurrentDirectoryA
GetFullPathNameW
GetLastError
GetPrivateProfileStructA
GetProcessTimes
HeapLock
IsDBCSLeadByte
SignalObjectAndWait
Thread32Next
_lcreat

user32

CharPrevW
CharToOemA
CloseDesktop
CreateCursor
CreateIconFromResource
DdeCmpStringHandles
DlgDirSelectComboBoxExA
DrawIcon
DrawIconEx
DrawMenuBar
GetClipboardSequenceNumber
GetMenuCheckMarkDimensions
GetScrollInfo
IMPGetIMEW
InSendMessageEx
IntersectRect
IsDialogMessageA
MessageBeep
OemToCharBuffA
RegisterDeviceNotificationW
SetInternalWindowPos
TileWindows
UnregisterClassW

gdi32

CombineRgn
CreateDIBSection
CreateFontIndirectA
DeviceCapabilitiesExA
EnumEnhMetaFile
ExtTextOutA
GdiSetBatchLimit
GetBitmapBits
GetCharWidthA
GetCharacterPlacementW
GetDCOrgEx
GetEnhMetaFileA
GetEnhMetaFileHeader
GetGlyphOutlineA
GetICMProfileW
GetMetaFileA
GetOutlineTextMetricsA
GetPath
GetPolyFillMode
GetRasterizerCaps
GetSystemPaletteUse
GetTextFaceW
PlayMetaFileRecord
Polygon
ResetDCW
ScaleWindowExtEx
SelectClipPath
SetICMMode
SetMapMode
UpdateICMRegKeyW

Sections

.code
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa5290c132be9ccda708c952f8ee5a32

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.code Size: 512B - Virtual size: 4KB

.data Size: 268KB - Virtual size: 280KB

.rdata Size: 512B - Virtual size: 20KB

.rsrc Size: 206KB - Virtual size: 500KB

.code
Size: 512B - Virtual size: 4KB

.data
Size: 268KB - Virtual size: 280KB

.rdata
Size: 512B - Virtual size: 20KB

.rsrc
Size: 206KB - Virtual size: 500KB