5eb17ec88f0c105e5bc1698fcf661156_JaffaCakes118

General

Target

5eb17ec88f0c105e5bc1698fcf661156_JaffaCakes118
Size

43KB
MD5

5eb17ec88f0c105e5bc1698fcf661156
SHA1

8e11dbf08db36d7299519577112e50bfaa334c85
SHA256

227fdfdba5d7d256a1427ebdd1fe0f9cbbb9b17672ef8d2c36677afe37a7a1f7
SHA512

7709075c8135d5802481fd98cc2298ae4ff01d5dee32edeeab7ef91043f5c2aa182ee6385c358879eb056bb9fe1a1fa699fc1e14807f63b50ad3acfbb9966126
SSDEEP

768:2epieDypE8LZxibQe3DDDkYCWvJ2sM2hs/z+MbCutnT/0IRjjf3Rn++n3:XYEYPUQe3DDDkYbv0z22LtDh/1t3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eb17ec88f0c105e5bc1698fcf661156_JaffaCakes118

Files

5eb17ec88f0c105e5bc1698fcf661156_JaffaCakes118
.exe windows:4 windows x86 arch:x86

204239c23438cbc895d21ef06437cd0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFiber
CreateNamedPipeA
CreateToolhelp32Snapshot
DosDateTimeToFileTime
DuplicateHandle
ExitProcess
GetCurrentDirectoryA
GetCurrentThread
GetDiskFreeSpaceExW
GetFileAttributesW
GetFullPathNameW
GetLargestConsoleWindowSize
GetNamedPipeHandleStateA
GetNumberFormatA
GetProcessHeap
GetThreadContext
GlobalUnfix
HeapCompact
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
IsBadWritePtr
OpenFileMappingW
OpenMutexA
OpenSemaphoreW
SetTapeParameters
VerLanguageNameA
WriteConsoleInputW
WriteConsoleOutputA
_hread

user32

CascadeChildWindows
CloseDesktop
CreateMDIWindowA
DlgDirListComboBoxA
DrawAnimatedRects
DrawCaptionTempA
GetClipboardViewer
GetListBoxInfo
GetSysColorBrush
GetUserObjectInformationA
GetWindowInfo
HiliteMenuItem
LoadCursorA
LoadCursorW
LoadMenuIndirectA
NotifyWinEvent
RedrawWindow
ReplyMessage
SendNotifyMessageW
ShowOwnedPopups

gdi32

AngleArc
CreateColorSpaceW
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateHatchBrush
DrawEscape
GetAspectRatioFilterEx
GetCharABCWidthsW
GetRgnBox
GetTextExtentPointW
MoveToEx
PaintRgn
PlayEnhMetaFileRecord
PolyPolyline
ScaleWindowExtEx
SetDeviceGammaRamp
SetTextAlign
StartDocA
StartPage
UpdateICMRegKeyW

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

204239c23438cbc895d21ef06437cd0d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 42KB - Virtual size: 60KB

.rdata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 42KB - Virtual size: 60KB

.rdata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 8KB