620e27e8236271d72d682f95b3f6625e_JaffaCakes118

General

Target

620e27e8236271d72d682f95b3f6625e_JaffaCakes118
Size

226KB
MD5

620e27e8236271d72d682f95b3f6625e
SHA1

a9534a044a054040801ac2a3f4e29bafc7ec12c5
SHA256

6143e1be638d78df7eebf0a5b321b820a6bf92a5205a72a317c3afdf3b809f09
SHA512

3d41c060d94bf68186fcbb412a51feb2c792d09dc1e9f82189827b81640d55e288ec7ea2a71707a55500411cd90d70e8b86b529fe1c5ca5febd84990dd302588
SSDEEP

6144:QrpQkDRYD1tmCaylRpiHudxtjkVXm3jcIKp00:QrLDRgbQyHQ+t4mL2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
620e27e8236271d72d682f95b3f6625e_JaffaCakes118

Files

620e27e8236271d72d682f95b3f6625e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14d1eaa2f9b32b2935e56c6eb417db7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

BuildCommDCBAndTimeoutsA
BuildCommDCBW
CancelIo
CloseProfileUserMapping
ConvertDefaultLocale
CopyFileExW
DisconnectNamedPipe
ExitProcess
FindCloseChangeNotification
GetACP
GetCommModemStatus
GetConsoleOutputCP
GetCurrencyFormatA
GetDefaultCommConfigW
GetFileAttributesExW
GetLastError
GetLocaleInfoW
GetNumberFormatA
Heap32ListFirst
IsProcessorFeaturePresent
LocalHandle
OpenFileMappingW
ReleaseSemaphore
SetCommTimeouts
SetLocaleInfoW
SetVolumeLabelA
SignalObjectAndWait
UnlockFileEx
VerLanguageNameW

user32

CharLowerA
CharLowerW
CreatePopupMenu
DdeAbandonTransaction
DdeQueryNextServer
DefDlgProcW
DlgDirListW
DlgDirSelectComboBoxExW
DragDetect
DrawMenuBar
EditWndProc
EndDialog
EnumDisplayDevicesW
EnumWindowStationsW
EnumWindows
GetMenu
GetSysColor
IsCharLowerA
IsWindowEnabled
IsZoomed
LookupIconIdFromDirectory
LookupIconIdFromDirectoryEx
MsgWaitForMultipleObjects
OpenIcon
ScrollWindow
SetMenuContextHelpId
ShowCaret
SwitchDesktop
SystemParametersInfoW

gdi32

CreateDIBSection
CreateFontA
DeviceCapabilitiesExW
EnumICMProfilesW
FlattenPath
FloodFill
GdiPlayDCScript
GetCharWidthFloatA
GetDCOrgEx
GetEnhMetaFilePaletteEntries
GetMetaFileBitsEx
GetNearestColor
GetRgnBox
GetTextMetricsA
GetWorldTransform
Polygon
SetBoundsRect
SetPaletteEntries
SetWinMetaFileBits
SetWindowExtEx
WidenPath

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14d1eaa2f9b32b2935e56c6eb417db7c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 223KB - Virtual size: 240KB

.rsrc Size: 1024B - Virtual size: 220KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 223KB - Virtual size: 240KB

.rsrc
Size: 1024B - Virtual size: 220KB