4cb1b8e4f1254f81692eaa9cb176c924_JaffaCakes118

General

Target

4cb1b8e4f1254f81692eaa9cb176c924_JaffaCakes118
Size

244KB
MD5

4cb1b8e4f1254f81692eaa9cb176c924
SHA1

ff74ec9af6e11aa7127dcf28a789260291b8aad1
SHA256

8ffc011a4cad15e197ecd77ec98b1b9962834a02480e03651a465baf82a3b5a7
SHA512

5a86d67ee6dd833dbd511dcb7360ef5348124c143fedda1553254a3256eb90023ea59c014261adfce5e9a2064963f21364ff2ff14f8699d905488c721dc0d209
SSDEEP

6144:aMLyEUVEL3jyLuEYLWsKV3h2HJs8NLvFFs9PJRYx2+9knLs9sGUXDFV:tLybWL3Y3sKV3hKtNDFuRR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cb1b8e4f1254f81692eaa9cb176c924_JaffaCakes118

Files

4cb1b8e4f1254f81692eaa9cb176c924_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e59a970e12349e2f56fc8e4f8360b3ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteFiber
EnumDateFormatsW
EnumTimeFormatsW
EraseTape
ExitProcess
FillConsoleOutputCharacterW
FindAtomA
FindFirstFileExW
FindNextFileW
GetBinaryType
GetCommTimeouts
GetComputerNameA
GetCurrentDirectoryW
GetFileAttributesExW
GetLongPathNameA
GetProcessHeap
GetStringTypeExA
GetSystemPowerStatus
GetTempPathA
GetTempPathW
GlobalFlags
HeapCreate
HeapUnlock
RequestDeviceWakeup
SetLocaleInfoW
TransmitCommChar
UnlockFileEx
WriteFileGather
_lread
lstrcmpA

user32

CallNextHookEx
CharLowerBuffA
DdeCreateStringHandleA
DragDetect
DrawCaption
EnumChildWindows
EnumThreadWindows
GetClassLongA
GetClipboardData
GetClipboardOwner
GetMenuState
GetTabbedTextExtentW
IMPGetIMEW
IsCharUpperW
IsWindow
LoadMenuA
MapDialogRect
OemToCharBuffW
PtInRect
RegisterClassExW
SetScrollRange
SetWindowContextHelpId
SetWindowPlacement
UnhookWindowsHook
UnregisterDeviceNotification

gdi32

CreateBitmap
CreateCompatibleDC
CreateDCA
CreateFontIndirectW
CreateRoundRectRgn
CreateSolidBrush
EnumFontsW
EnumICMProfilesW
ExcludeClipRect
FlattenPath
FloodFill
GetDCOrgEx
GetRgnBox
GetTextExtentPointA
GetWindowOrgEx
Pie
PolyBezierTo
PolylineTo
SetDIBits
SetMapMode
SetPolyFillMode

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e59a970e12349e2f56fc8e4f8360b3ce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 223KB - Virtual size: 232KB

.idata Size: - Virtual size: 20KB

.rsrc Size: 20KB - Virtual size: 196KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 223KB - Virtual size: 232KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: 20KB - Virtual size: 196KB