67b1ee212902255d8c08bc9f43ad4c7a_JaffaCakes118

General

Target

67b1ee212902255d8c08bc9f43ad4c7a_JaffaCakes118
Size

9KB
MD5

67b1ee212902255d8c08bc9f43ad4c7a
SHA1

407663b0322530c529b7abea2e0edb4378e8cc72
SHA256

5de48fe5b94990eb1a54966835f56a26eb4383d2efd2b180eb3caec6b7edd15a
SHA512

d5b92c4e684cd0aa502f560960f9d4d68d782c2d9e7afbf8f3cdd0ced4e04cdc3f30d53740679da63886fbbd7d0fe52b33dec40992b8721204c709cbbab8aecd
SSDEEP

96:bGqrVr7VFumzQrMo3vimc9nr54SvE+T2/WNVXq7xdXKFWNBbtrVleP8Owc5Wtjl/:bDFugcMo/iFnrmopQQMNBbRedRWtVAF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67b1ee212902255d8c08bc9f43ad4c7a_JaffaCakes118

Files

67b1ee212902255d8c08bc9f43ad4c7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cbba0a144abe596884fc51d498c3e0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
LoadLibraryA
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
FreeLibrary
GetProcAddress
lstrcatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetStartupInfoA
CreateProcessA
GetTickCount
GetThreadPriority
FindFirstFileA
CancelIo
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetFileInformationByHandle
SetFilePointer
ReadFile
CloseHandle
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

GetCaretPos
ClipCursor
SetActiveWindow
wsprintfA
GetCursor
GetClipCursor
GetCaretBlinkTime
DestroyCaret
GetActiveWindow
ClientToScreen
GetCapture
GetTopWindow

gdi32

GetBrushOrgEx
FlattenPath
UnrealizeObject
EndDoc
GetBkColor
AbortPath
WidenPath
StrokePath
EndPage
GdiFlush
GetBkMode
GetColorSpace
GdiSetBatchLimit
GdiGetBatchLimit
CloseFigure
StrokeAndFillPath
AbortDoc
StartPage
FillPath
CreateCompatibleDC
PathToRegion
EndPath
CancelDC
CreateCompatibleBitmap
BeginPath

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 358B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cbba0a144abe596884fc51d498c3e0c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 358B

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 358B

.reloc
Size: 1024B - Virtual size: 840B