5a8832fd1f2430554ce50bac6ba49ea6_JaffaCakes118

General

Target

5a8832fd1f2430554ce50bac6ba49ea6_JaffaCakes118
Size

475KB
MD5

5a8832fd1f2430554ce50bac6ba49ea6
SHA1

18db5398d1ae381de0c66fa8367e70dbcde7fed6
SHA256

a6adb3ceea80deed2a96432ffa39066925ac55f7c7516672d7e403067f0c4736
SHA512

becf9293d0755c4d50d34b823e082b822a4a0ddfc3809fd5d0169a5682455d6ca9176560ad62f2b2d21e2943f78af33cc0113cff1cec715066b01db2a8633c39
SSDEEP

6144:t4vvR1Qj7T4YyQaNF/5N8u70DIqE/b4oGjxfOcQMbBeaK:tSvRi743F/5K4NFkoGBOcQMFjK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a8832fd1f2430554ce50bac6ba49ea6_JaffaCakes118

Files

5a8832fd1f2430554ce50bac6ba49ea6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34a2463d5b18d727475063220521e926

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateDirectoryExW
DeleteFileA
EnumDateFormatsExW
EnumDateFormatsW
EnumResourceLanguagesW
ExitProcess
GetBinaryTypeW
GetFileAttributesExW
GetProfileStringA
GetStartupInfoA
GetStringTypeW
HeapValidate
InterlockedExchange
Module32Next
MoveFileA
MoveFileExA
Process32First
ReadConsoleInputA
RemoveDirectoryW
RtlMoveMemory
RtlZeroMemory
SetMailslotInfo
SetProcessShutdownParameters
SetThreadLocale
SetWaitableTimer
UnlockFile
VerLanguageNameA
WriteConsoleA
WriteFile

user32

BroadcastSystemMessageW
CharLowerBuffA
CharToOemBuffW
ClientToScreen
DefFrameProcA
DeferWindowPos
DlgDirSelectComboBoxExW
EnumThreadWindows
GetCapture
GetClipboardData
GetClipboardFormatNameW
GetClipboardOwner
GetKeyState
GetMenuInfo
GetUpdateRect
HideCaret
InflateRect
LoadCursorFromFileA
RegisterClassA
SetWindowTextA
ShowCaret
ShowCursor
TabbedTextOutA
TranslateAccelerator
wsprintfW

gdi32

AbortDoc
ArcTo
CheckColorsInGamut
ColorMatchToTarget
CreateFontW
CreateICW
CreateScalableFontResourceA
DeviceCapabilitiesExA
EndPage
ExtFloodFill
FixBrushOrgEx
GdiPlayJournal
GetCharWidth32A
GetCharacterPlacementW
GetICMProfileA
GetMapMode
GetOutlineTextMetricsW
GetSystemPaletteEntries
GetTextExtentPointA
GetTextMetricsA
IntersectClipRect
LineDDA
RestoreDC
SetAbortProc
SetTextAlign
StartPage
gdiPlaySpoolStream

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34a2463d5b18d727475063220521e926

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 267KB - Virtual size: 284KB

.idata Size: - Virtual size: 20KB

.rsrc Size: 207KB - Virtual size: 480KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 267KB - Virtual size: 284KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: 207KB - Virtual size: 480KB