658e5a722cc7a66f79454b15268a9a15_JaffaCakes118

General

Target

658e5a722cc7a66f79454b15268a9a15_JaffaCakes118
Size

44KB
MD5

658e5a722cc7a66f79454b15268a9a15
SHA1

9152b7638f660bf42da5986f4640dcedbc45a0e2
SHA256

bc5c4c20abb2179dc4d71541942bcce53542a4090792f3a0bfd7afa0725c96ed
SHA512

3794d10f6ab360cc7cf2402ec1aaa797c33b86a53fa2a8a099548f24b00e38aafb07fed9f1610b44c5bc72a17eb364fe382de71c85d2c19478a78ce41d26f124
SSDEEP

768:VgVVu1uf25tUjCt7ss0gJMArW9bw0M3pXtowY1PjIZnzZ6zZ8zKu:VgL9f2D7IspJi9bC5XtowYBjIZnzZ6zO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
658e5a722cc7a66f79454b15268a9a15_JaffaCakes118

Files

658e5a722cc7a66f79454b15268a9a15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

630af2ff621c9614f0e5436cb7cffb9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
InvalidateConsoleDIBits
RegisterWaitForSingleObject
WaitForMultipleObjects
SetThreadIdealProcessor
CreateHardLinkW
GetThreadLocale
ReadConsoleOutputA
GetConsoleAliasExesA
TerminateProcess
TerminateJobObject
FindFirstFileW
CreateWaitableTimerA
WriteFileGather
GetLocaleInfoA
HeapCompact
HeapCreateTagsW
CopyFileExA
ReplaceFileA
FoldStringW

user32

WINNLSGetEnableStatus
LockWorkStation
TranslateMessage
GetLastActivePopup
SendMessageA
DialogBoxParamW
GetClassInfoExW
PostMessageA
LoadImageW
DdeSetUserHandle
DestroyMenu
PostMessageW
InternalGetWindowText
TrackMouseEvent
DlgDirSelectComboBoxExA
GetClassLongA
PrivateSetDbgTag

gdi32

GetEnhMetaFileDescriptionA
GdiValidateHandle
CreateDCA
RectVisible
FONTOBJ_pfdg
GdiConvertToDevmodeW
EngWideCharToMultiByte
MaskBlt
EngCreateSemaphore
STROBJ_bGetAdvanceWidths
GetGlyphIndicesW
SetSystemPaletteUse
GdiConvertDC
AngleArc
SaveDC
GdiEntry15
GetMetaFileW
CreateScalableFontResourceW
CreateHatchBrush
GetColorSpace
EnumFontsA
ResetDCW
BeginPath
GetCharABCWidthsI
AddFontResourceExW
GetMapMode
GetDIBColorTable
Arc
GetFontAssocStatus
CLIPOBJ_cEnumStart
GdiReleaseDC
GetTextAlign
GetViewportOrgEx
GetPixel

comdlg32

GetOpenFileNameW
dwOKSubclass
PrintDlgExA
GetFileTitleA
ChooseColorW
ReplaceTextA
Ssync_ANSI_UNICODE_Struct_For_WOW
FindTextW
LoadAlterBitmap

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

630af2ff621c9614f0e5436cb7cffb9c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 4KB