4a33cef909d7309a80629ca0f8d4cd58_JaffaCakes118

General

Target

4a33cef909d7309a80629ca0f8d4cd58_JaffaCakes118
Size

210KB
MD5

4a33cef909d7309a80629ca0f8d4cd58
SHA1

57c3db6ac8e5b9a593dbe5465b509e068afbe486
SHA256

5c6859fb7b6a60c57951afb1c6d361aa2f3b7723ef5a92e792bbfdbe004409e5
SHA512

603e844d8facafdc363215acfb19f8eba4b727748d4e8d91182e9688a069316f4737f81794efa89f496ffaa4d5f24952de1460cdd8f735863f72ce5cc369648a
SSDEEP

3072:CiMVkuK3J98M0a3sKRERQfzc0ovACpIQ2KWmDJs4YtWSLSfX3LG40DzeW2l9wTZv:8GF9i8JlrchAA9RWystWSuD0DzeW2Hg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a33cef909d7309a80629ca0f8d4cd58_JaffaCakes118

Files

4a33cef909d7309a80629ca0f8d4cd58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6e1c3fe4da0fdcb2949b531fc712f4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreatePopupMenu
DestroyCursor
EnumThreadWindows
GetClientRect
GetTopWindow
GetWindowDC
GetWindowThreadProcessId
MessageBeep
PostMessageA
RegisterWindowMessageA
SetClipboardData

gdi32

CloseEnhMetaFile
CombineRgn
CreateCompatibleDC
CreateRectRgnIndirect
EnumFontFamiliesA
EnumFontFamiliesExA
ExtTextOutW
FrameRgn
GetDIBits
GetObjectW
GetTextFaceA
GetTextMetricsW
PlayMetaFile
ScaleWindowExtEx
SelectObject
SetEnhMetaFileBits
SetROP2
SetWorldTransform

kernel32

CopyFileA
CreateFileMappingA
DeleteFileA
EnumCalendarInfoA
FindNextFileA
FindResourceW
FreeEnvironmentStringsW
FreeLibrary
GetEnvironmentStringsW
GetFileAttributesA
GetFileSize
GetLocaleInfoW
GetWindowsDirectoryA
GlobalReAlloc
HeapFree
HeapSize
InterlockedExchange
LoadLibraryExA
SetEndOfFile
SetThreadLocale
TlsFree
WideCharToMultiByte
lstrlenA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PtkfiHZQ
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6e1c3fe4da0fdcb2949b531fc712f4f

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

PtkfiHZQ Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

PtkfiHZQ
Size: 2KB - Virtual size: 120KB