789126cba14911e1944324c95eb0b048_JaffaCakes118

General

Target

789126cba14911e1944324c95eb0b048_JaffaCakes118
Size

93KB
MD5

789126cba14911e1944324c95eb0b048
SHA1

c6587dd0c16629c1055adf749a7ce03a226b022b
SHA256

66ba2b5909c47e8503da49b098eb94efeb9ba00fd6a5c0c49e8488d240092247
SHA512

85ae04227478fe6f60641479caf6433a7474f39c517fbcf9bff6ec78784154c58a287b4bc0521e7d6829a3865779a62c5967d18c483bc9427e9da6a50a81b31c
SSDEEP

1536:MgxnI6Y8V5ODrVwylH/i2SbNdfBPz2qozf1fii:MmFVO/9/ubtBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
789126cba14911e1944324c95eb0b048_JaffaCakes118

Files

789126cba14911e1944324c95eb0b048_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51a5b1164753687475b823ede20114e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateSolidBrush
GetBrushOrgEx
CreateCompatibleBitmap
GetPixel
CreateCompatibleDC
ExcludeClipRect
CreateBrushIndirect
CreatePalette
GetPixel
CreateFontIndirectA
GetCurrentPositionEx
GetClipBox
SetTextColor
CreateDIBSection
ExtTextOutA
CreateDIBitmap
CreatePenIndirect
RestoreDC
DeleteDC
CreateHalftonePalette
DeleteObject
GetDCOrgEx
CreateBitmap
GetBitmapBits

kernel32

OpenFile
DeleteAtom
CreateThread
GetFileTime
Sleep
CreateProcessA
FindFirstFileA
FindAtomA
DeleteFileA
GetComputerNameA
ExitThread
OpenFileMappingA
GetCommandLineA
GetCPInfo
ReadConsoleA
GetLastError
GetConsoleMode
GetFileSize
SetLastError
DeleteFileW
GlobalFree
ReadFile
WriteFile
GetStdHandle

comctl32

ImageList_GetIcon
ImageList_LoadImageW
CreateStatusWindowW
DrawStatusText
CreateStatusWindow
ImageList_Draw
ImageList_AddIcon
CreateMappedBitmap
ImageList_Destroy
ImageList_EndDrag
ImageList_GetIconSize
CreateToolbar
CreateToolbarEx
ImageList_DrawEx
DllGetVersion
ImageList_Add
MenuHelp
ImageList_Create
CreateUpDownControl
DrawStatusTextW
ImageList_Copy
ImageList_DragEnter
ImageList_LoadImageA
InitCommonControls

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 25.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51a5b1164753687475b823ede20114e0

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 57KB - Virtual size: 57KB

.tls Size: 4KB - Virtual size: 25.8MB

.rdata Size: 4KB - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 57KB - Virtual size: 57KB

.tls
Size: 4KB - Virtual size: 25.8MB

.rdata
Size: 4KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 2KB