660a3d627d2b56a354aee13f727f0514_JaffaCakes118

General

Target

660a3d627d2b56a354aee13f727f0514_JaffaCakes118
Size

182KB
MD5

660a3d627d2b56a354aee13f727f0514
SHA1

da1f6464b9312675f70c9f2434142bfa489cdb44
SHA256

6a90747815478927d7dc7b57b7ab28fb796fd7a9854d15f2fcc4af1d8fd65563
SHA512

21e10bdb867fdd477a96963c3cbf86f039b8e25ee54fd10afa4cdf8faa0130813c07015c68e9886bca66021f0a95ac2fdbc389fbd667b3efea837316985e2547
SSDEEP

3072:fLYBctbS2tYdsHvnBtuyFeh6sTyD9+i/77E9BwnmWdToVDz118Aguir1A0:DYB+SkesHfBMtgbI0sOPdCDzjguiR9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
660a3d627d2b56a354aee13f727f0514_JaffaCakes118

Files

660a3d627d2b56a354aee13f727f0514_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a10d4eaa96a8b7ae7d4434c2b7a9c8ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
TlsSetValue
SetVDMCurrentDirectories
GetProfileIntW
RemoveDirectoryA
GetConsoleFontSize
GetConsoleAliasExesA
WriteConsoleOutputCharacterA
GetHandleInformation
OpenFileMappingA
FindNextFileA
GetDevicePowerState
SetTimerQueueTimer
QueryPerformanceCounter
SetEnvironmentVariableA
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

EditWndProc
IsIconic
GetThreadDesktop
GetMenuItemRect
SetClipboardViewer

shell32

StrCmpNW
OpenAs_RunDLLW
SHGetDataFromIDListW
StrStrIA
SHGetPathFromIDListA
DllInstall
StrRStrIA
SHFreeNameMappings
SheSetCurDrive
SHGetDataFromIDListW

gdi32

EngEraseSurface
PlayEnhMetaFile
EngGetCurrentCodePage
GdiConvertPalette
GdiPlayScript
EngPlgBlt
GetCharABCWidthsI
ExtSelectClipRgn
EngAlphaBlend
SetWindowOrgEx
GetPath
Arc
EngFindResource
CreateFontIndirectA
GetTextMetricsW
GdiArtificialDecrementDriver
GetWindowOrgEx
ChoosePixelFormat
GetClipRgn
GetGlyphOutlineWow

Sections

.text
Size: 5KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a10d4eaa96a8b7ae7d4434c2b7a9c8ec

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

Sections

.text Size: 5KB - Virtual size: 811KB

.data Size: 173KB - Virtual size: 175KB

.rsrc Size: 512B - Virtual size: 4KB

.edata Size: 2KB - Virtual size: 864B

.reloc Size: - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 811KB

.data
Size: 173KB - Virtual size: 175KB

.rsrc
Size: 512B - Virtual size: 4KB

.edata
Size: 2KB - Virtual size: 864B

.reloc
Size: - Virtual size: 4KB