447c3ab17c0b2aa35e3e15aa9a0491e9_JaffaCakes118

General

Target

447c3ab17c0b2aa35e3e15aa9a0491e9_JaffaCakes118
Size

24KB
MD5

447c3ab17c0b2aa35e3e15aa9a0491e9
SHA1

957e9f99e20a3e5efd173e29a0c8b54741e29a2b
SHA256

47d9b990c2a46305ee37c5406b8ec1e4e85a4bf38f0051c4cb8eef6108302775
SHA512

469f9d73fe2ec6986b5a66c5789ac63151c2ddfdedc6e3d5575a08b65e953ab387bcae25a62b173822200e5d8fe33ec9d4f5de96377790f6fc7d18f8fb182d71
SSDEEP

384:dVM7Zzx96eG/Njy1k1je/69IrDpYQVMlHaDfVtNgIVcMyVq:MZzxQeUNjyu1jt90Ml6DtB2My

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
447c3ab17c0b2aa35e3e15aa9a0491e9_JaffaCakes118

Files

447c3ab17c0b2aa35e3e15aa9a0491e9_JaffaCakes118
.exe windows:2 windows x86 arch:x86

50676bcdf8e2a874f3c910474eeb47c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

SetDIBitsToDevice
CreateSolidBrush
LineTo
SetDIBColorTable
GetNearestColor
UnrealizeObject
GetNearestPaletteIndex
RestoreDC
SetTextAlign
SaveDC
PatBlt
OffsetRgn
CreateCompatibleDC
CreatePolygonRgn
Polygon
CreateBitmap
SetDIBits
PolyBezier
CreatePalette
MoveToEx
SelectObject

ole32

CoGetInterfaceAndReleaseStream
PropVariantClear
CoInitialize
CoUninitialize
CLSIDFromString

user32

DestroyWindow
UpdateWindow
UpdateWindow
InflateRect
FillRect
GetSystemMenu
ClientToScreen
CheckDlgButton
DrawFocusRect
DestroyWindow
DestroyIcon
CreateWindowExA
MsgWaitForMultipleObjects
IsWindow
GetDlgItemInt
KillTimer
GetSysColor
GetMessageA
IsRectEmpty
RegisterClassExA
DefWindowProcA
DestroyCaret
PtInRect
ValidateRect
DispatchMessageA
SetActiveWindow
SendMessageA
ShowWindow
SetRectEmpty
ShowCursor
SetCursor
TranslateMessage
ScreenToClient
GetDC
TranslateMessage

kernel32

VirtualAlloc
GetTickCount
QueryPerformanceCounter
CloseHandle
InterlockedIncrement
MultiByteToWideChar
InterlockedDecrement
GetHandleInformation
GetCurrentProcessId
GetACP
VirtualFree
CreateEventA
IsDBCSLeadByte
GetCommandLineA

gdiplus

GdipSetPropertyItem
GdiplusStartup
GdipCreateBitmapFromFileICM
GdipGetImageEncodersSize
GdipGetAllPropertyItems
GdipGetImageDecodersSize
GdiplusShutdown
GdipDisposeImage

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50676bcdf8e2a874f3c910474eeb47c6

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ole32

user32

kernel32

gdiplus

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB