6819049c8300ef3d403ce2df8485540a_JaffaCakes118

General

Target

6819049c8300ef3d403ce2df8485540a_JaffaCakes118
Size

56KB
MD5

6819049c8300ef3d403ce2df8485540a
SHA1

9ebd8bd3471be6febc0ce51b4b8778da79f95765
SHA256

d2647cf804d85a8605ba3939cdc42f74948f1f2da9e377a8d952cdb572eed1f4
SHA512

267804aed56f7e760ad93cf4a87d8d6a0a26aa24fafb99a0d51073494ef9582123a8985bb8bef306a155b8a4fcbd2fbb2d1878b1757cf32823f6350f4f797be3
SSDEEP

768:V4/ExdF9PJqVPZjo48Ps+rSxO4VCC7xgE7dChMYSyvgty89o4BgGBld595tJJAJQ:V4/WPJqtZsaT97x17gu3hzzPtEZ89XVP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6819049c8300ef3d403ce2df8485540a_JaffaCakes118

Files

6819049c8300ef3d403ce2df8485540a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca9288925ea60d93e236fefdfba67b78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
ClearCommBreak
CreateWaitableTimerA
DefineDosDeviceA
EnumDateFormatsW
ExitProcess
FileTimeToLocalFileTime
FillConsoleOutputCharacterA
FormatMessageW
GetCurrentProcess
GetSystemTimeAdjustment
GlobalDeleteAtom
IsBadCodePtr
LocalSize
MapViewOfFileEx
PurgeComm
SearchPathW
SetProcessWorkingSetSize
WriteConsoleInputA
WriteProcessMemory

user32

AnyPopup
DispatchMessageW
DrawCaptionTempA
DrawStateW
EnumChildWindows
EnumDesktopWindows
GetClassWord
GetInputState
GetMessageA
GetMessageExtraInfo
GetTabbedTextExtentW
IntersectRect
InvalidateRect
LoadMenuIndirectW
MapVirtualKeyExA
RegisterClipboardFormatW
SetCursor
SetDlgItemTextW
SetKeyboardState
SetMenuContextHelpId
SetMessageExtraInfo
ToUnicodeEx

gdi32

AbortDoc
CopyEnhMetaFileA
CreateDIBPatternBrush
CreateEllipticRgnIndirect
CreateFontIndirectA
CreatePen
CreateScalableFontResourceA
DeleteDC
DescribePixelFormat
EnumFontsA
GdiPlayScript
GetCharWidthW
GetGlyphOutlineW
GetMetaFileW
GetPath
GetStockObject
GetTextExtentExPointA
OffsetRgn
PathToRegion
PlayEnhMetaFile
SetBitmapDimensionEx
SetMetaFileBitsEx
SetStretchBltMode
SetViewportOrgEx
StrokePath

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca9288925ea60d93e236fefdfba67b78

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 8KB - Virtual size: 12KB

.rdata Size: - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 16KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.rdata
Size: - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 16KB