49dd750e411918ba11b909c5c375df9b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49dd750e411918ba11b909c5c375df9b_JaffaCakes118
Size

141KB
MD5

49dd750e411918ba11b909c5c375df9b
SHA1

bc3050198b2104ef4943a94dd726fbc0bba191b8
SHA256

24a15348889452ddacb13728f8963b2982662e99e77c57fc692adef465c5ff89
SHA512

0274569109de4a09dbc5cadb88331f0e5c7c1a5ad2527cbb90e6d54b1ab4eec9e3b50cd8f84eeabc87c416bb88f5dc1778044199753afff1235a12555bfdcc3a
SSDEEP

3072:ismvyCNBhpFIRFfYnwZ4DZwgObzt2ZuCVqMg8GsXW:gvy0vFIRKwWD3qtfUKxsXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49dd750e411918ba11b909c5c375df9b_JaffaCakes118

Files

49dd750e411918ba11b909c5c375df9b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

850d11bb1532c76e24eb6a89daeb1ad4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_vsnprintf

shlwapi

StrFormatByteSizeW
StrTrimA
PathSkipRootA

kernel32

SetCurrentDirectoryW
FileTimeToDosDateTime
GetProcessVersion
GetModuleHandleA
LoadLibraryW
UnmapViewOfFile
CreatePipe
WaitForSingleObjectEx
GetTickCount
SetSystemTimeAdjustment
SetNamedPipeHandleState
FlushInstructionCache

user32

GrayStringA
DragObject
LookupIconIdFromDirectoryEx
GetKeyboardState
GetDC
CharPrevExA
FindWindowA

gdi32

CreateBitmapIndirect
GetSystemPaletteUse
GetNearestPaletteIndex
GetViewportExtEx
SetGraphicsMode
GetArcDirection
StartDocW
RectVisible
CloseEnhMetaFile

advapi32

GetLengthSid

Exports

Exports

__EndPaint@12
__GetUpdateRect@12

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ecode
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.memdat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stadat
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

850d11bb1532c76e24eb6a89daeb1ad4

Headers

File Characteristics

Imports

ntdll

shlwapi

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.ecode Size: 9KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 296B

.memdat Size: 2KB - Virtual size: 1KB

.stadat Size: 1024B - Virtual size: 548B

.rsrc Size: 125KB - Virtual size: 125KB

.reloc Size: 1024B - Virtual size: 618B

.text
Size: 2KB - Virtual size: 1KB

.ecode
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 296B

.memdat
Size: 2KB - Virtual size: 1KB

.stadat
Size: 1024B - Virtual size: 548B

.rsrc
Size: 125KB - Virtual size: 125KB

.reloc
Size: 1024B - Virtual size: 618B