834c64b366a8aaffb6408cfff4c52e19_JaffaCakes118

General

Target

834c64b366a8aaffb6408cfff4c52e19_JaffaCakes118
Size

42KB
MD5

834c64b366a8aaffb6408cfff4c52e19
SHA1

cb9c22c4a800f3aa1f8c892583d1dfbd3d753d96
SHA256

37a57116a604b8a45d42cfbcde254d0578dee3b0132e2d70fa8d42077b7ebccc
SHA512

8f10ffe665dd1e375faabafd6dcde8d2ec33baef09d7248240b73e40e0d145b8257b7d8d41ae1af591d126f7eb7dfe0d1f466216f73bf9e12a1af135e2f51e21
SSDEEP

768:Afa8Gu1WuH5pLWV4bJK24WLwlXG2loHYyUI9mdDgwxJxwZ:x6jaQ/4QkXGfHYyUVdEwxJxC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
834c64b366a8aaffb6408cfff4c52e19_JaffaCakes118

Files

834c64b366a8aaffb6408cfff4c52e19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25ae5787ae8a5c2e7a1e5cf5ed6e614d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleA
FreeUserPhysicalPages
EnumUILanguagesW
GetBinaryType
QueryDosDeviceA
FileTimeToDosDateTime
GetLastError
VirtualProtect
SetCommTimeouts
CreateFileMappingA
GetVersion
GetSystemWindowsDirectoryA
WritePrivateProfileStructA
Heap32Next
WinExec
CreateNamedPipeW
LocalShrink
MulDiv
GetProcessVersion

user32

GetProcessDefaultLayout
GetKeyState
DlgDirListW
DdeGetQualityOfService
CallWindowProcW
SetCursor
IsRectEmpty
SendMessageTimeoutW
MapVirtualKeyW
CharUpperA
MapWindowPoints
IMPSetIMEW
PtInRect

gdi32

PolyPolygon
GetTextFaceAliasW
EngDeletePath
EngTransparentBlt
EnumFontsA
ResetDCW
StartPage
GetStringBitmapW
GdiAlphaBlend
gdiPlaySpoolStream
GetFontResourceInfoW
GetDIBColorTable
SetBoundsRect
LPtoDP
SetICMProfileW
GetMetaFileW
EnumICMProfilesW
PolyBezierTo
ExtCreateRegion
GdiGetLocalBrush
EngEraseSurface
EqualRgn
XLATEOBJ_hGetColorTransform
GetHFONT
GetTextExtentExPointI
GdiAddFontResourceW
TextOutA
QueryFontAssocStatus
GetDeviceGammaRamp
StrokeAndFillPath
GetObjectType
CreateColorSpaceW
GetEnhMetaFilePaletteEntries

comdlg32

dwLBSubclass
GetFileTitleW
PrintDlgExW
GetOpenFileNameW
GetSaveFileNameW
ChooseColorA
PrintDlgA
FindTextW
CommDlgExtendedError
ReplaceTextA
ChooseFontA
Ssync_ANSI_UNICODE_Struct_For_WOW

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

25ae5787ae8a5c2e7a1e5cf5ed6e614d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB