5ce100a2451662d29033b7c3e06b1458_JaffaCakes118

General

Target

5ce100a2451662d29033b7c3e06b1458_JaffaCakes118
Size

161KB
MD5

5ce100a2451662d29033b7c3e06b1458
SHA1

134ca3570c0c1eaf1b9bfbe4895a242c8e8ed9cf
SHA256

444c6bd05f6c272cc14d5bc4157c1b7fa26475a23bafc7af1edd445ccd68d7a6
SHA512

9e39274d44cd2e3926cfc72b9203cec86868f5db39bf2b37173a1870dbd13ed16f9c4750e0b577e66f5f8fb0787304b829ed281902c26339053a40f26f15d32b
SSDEEP

3072:FW5Asi8y9rejP6LhVnJSwzNs97nH8use0rrsGpqFzmxGevxvx4r8fxM626Kz4Pxr:F1/9Sjc4wz29LFsLU6qFzmHvxvx4yO6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce100a2451662d29033b7c3e06b1458_JaffaCakes118

Files

5ce100a2451662d29033b7c3e06b1458_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d91545d2506f8687c6c8bc6011e227a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ArcTo
GetTextExtentPoint32A
GetViewportExtEx
GetFontData
GetLogColorSpaceA
DeleteDC
GetGlyphIndicesW
CreateFontA

kernel32

GetSystemDirectoryW
GetCommandLineW
ExitProcess
GetModuleHandleW
VirtualAlloc
CreateMailslotW
EnumResourceNamesW
SetLastError
SetConsoleScreenBufferSize
_llseek
GetCurrentProcessId
CopyFileA
RemoveDirectoryW

linkinfo

CompareLinkInfoVolumes
CompareLinkInfoReferents
IsValidLinkInfo
GetLinkInfoData
ResolveLinkInfoW
DestroyLinkInfo
CreateLinkInfoW
DisconnectLinkInfo
GetCanonicalPathInfoW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbs
Size: 5KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 92KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 96KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 96KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d91545d2506f8687c6c8bc6011e227a

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

linkinfo

Sections

.text Size: 14KB - Virtual size: 14KB

.textbs Size: 5KB - Virtual size: 41KB

DATA Size: 92KB - Virtual size: 142KB

.edata Size: 96KB - Virtual size: 143KB

.orpc Size: 96KB - Virtual size: 137KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 14KB - Virtual size: 14KB

.textbs
Size: 5KB - Virtual size: 41KB

DATA
Size: 92KB - Virtual size: 142KB

.edata
Size: 96KB - Virtual size: 143KB

.orpc
Size: 96KB - Virtual size: 137KB

.rsrc
Size: 18KB - Virtual size: 18KB