599b8e8e2d11c7c70b8464be92b9fc18_JaffaCakes118

General

Target

599b8e8e2d11c7c70b8464be92b9fc18_JaffaCakes118
Size

9KB
MD5

599b8e8e2d11c7c70b8464be92b9fc18
SHA1

c9a3a7c89b421bba366551fc4755cd7ecb31a2e5
SHA256

ef1541fe088e2d51bc8b9291a68d93f2cdcaf9b0578fcc200eb6656cc27dbb92
SHA512

fb83c283590aaf3760dfe79e97c7cc98a8c53156f250c9ac65802cdb81ad2b0a03213d9836c15df12c61ed64c3fca34d8ff88c5306234e832376b1dbe625efcb
SSDEEP

192:H4Rwwf3Xc/0d++e475DgOAcmAzrES+Ae7H/LxJm:YSwR++e47aOAcmwrESZYH/Lx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
599b8e8e2d11c7c70b8464be92b9fc18_JaffaCakes118

Files

599b8e8e2d11c7c70b8464be92b9fc18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a2baa72a28c9c68a97c32ae5693eadd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
EraseTape
ExitProcess
GetEnvironmentStringsW
GetEnvironmentVariableA
GetProcessVersion
GetSystemInfo
GlobalFindAtomA
GlobalUnWire
GlobalWire
HeapFree
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
ReadConsoleA
ReadConsoleOutputCharacterA
SetThreadIdealProcessor
TlsGetValue
TransmitCommChar
WriteConsoleOutputCharacterA
WriteProfileStringW
lstrcpynW

user32

CountClipboardFormats
CreatePopupMenu
DdeCreateStringHandleA
DlgDirSelectComboBoxExA
EnumPropsExW
EnumPropsW
GetClipboardFormatNameW
GetDlgItemTextA
GetGUIThreadInfo
GetInputState
GetKBCodePage
GetKeyboardType
GetMenuContextHelpId
InvertRect
KillTimer
LoadStringW
ReleaseDC
ReplyMessage
SetDebugErrorLevel
SetMenuDefaultItem

gdi32

CreateBitmapIndirect
CreateFontA
CreatePenIndirect
CreateRectRgnIndirect
DeleteEnhMetaFile
Ellipse
FrameRgn
GdiSetBatchLimit
GetCharacterPlacementA
GetColorAdjustment
GetCurrentObject
GetDCOrgEx
GetDeviceGammaRamp
GetEnhMetaFileA
GetPaletteEntries
GetTextExtentPoint32W
GetTextExtentPointW
MoveToEx
PolyTextOutA
Rectangle
RestoreDC
ScaleWindowExtEx
SelectObject
SetDIBColorTable
SetDeviceGammaRamp
SetMapperFlags
StartDocW
WidenPath

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a2baa72a28c9c68a97c32ae5693eadd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 8KB - Virtual size: 16KB

.rdata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 16KB

.rdata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 12KB