78dee95c246b5c08071c5120b08a7003_JaffaCakes118

General

Target

78dee95c246b5c08071c5120b08a7003_JaffaCakes118
Size

97KB
MD5

78dee95c246b5c08071c5120b08a7003
SHA1

b0b602f92cac7908a324ee04a36b943fdbd92061
SHA256

ca881136f507583a73abc4fe82493a9a36a17b484e50bd771ecb337f9e72f1b7
SHA512

94bb20cffbb3428667c860e96a1c4091a69c81309e55b273ad2160d13a774850708a2e540c8f5af5b9655e9495742b7a86224b0bfca35e7a9d156dbc2c797911
SSDEEP

3072:IzvBf3w2a33ZOlUysbk/9fCoGy4sZF3kJ+B9r01dLQ:UBf3w2a33ZOlUy+k/9foI1kJMw1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78dee95c246b5c08071c5120b08a7003_JaffaCakes118

Files

78dee95c246b5c08071c5120b08a7003_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0ed069c2821a8443e967ff702674e8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetOEMCP
GetLargestConsoleWindowSize
GetExitCodeThread
GetThreadTimes
CompareStringA
GetModuleHandleA
GetThreadPriority
GetUserDefaultLangID
CreateMutexA
SetEvent
GetConsoleCP
CreatePipe
VirtualAlloc
ReleaseMutex
CancelWaitableTimer
TlsGetValue
GetShortPathNameA
AddAtomA
IsDBCSLeadByte
TlsFree

user32

IsIconic
GetForegroundWindow
GetWindowTextA
ReleaseDC
GetClassInfoExA
GetWindowTextLengthA
ValidateRect
GetWindow
ShowWindow
InvalidateRect
GetClassNameA
CloseWindow
ReleaseDC
GetFocus
GetSystemMetrics
GetDC
RegisterClassA
GetActiveWindow
IsWindowVisible

dsound

DllCanUnloadNow
GetDeviceID
DirectSoundEnumerateA
DirectSoundCreate
DllGetClassObject

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0ed069c2821a8443e967ff702674e8e

Headers

File Characteristics

Imports

kernel32

user32

dsound

mscms

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 904KB

.tls Size: 512B - Virtual size: 40B

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 904KB

.tls
Size: 512B - Virtual size: 40B

.rsrc
Size: 64KB - Virtual size: 64KB