84ead41458977410aba3fb0c0c1a3945_JaffaCakes118

General

Target

84ead41458977410aba3fb0c0c1a3945_JaffaCakes118
Size

9KB
MD5

84ead41458977410aba3fb0c0c1a3945
SHA1

9b7e23907c94335c185a87f5f908d72190da0295
SHA256

6d90271675fb360408c9059648bae62f2a2d8fa835b9b6f28835f11dc7cce1e8
SHA512

24dddc8c3ae6aa4b560f5ead9bce98ae0c5b993dd74c1211a0dff54043e8c5db7967e4dd719fc74c2a0fb18675e74e1907929256228974888b049b57c5519244
SSDEEP

192:b0eq+XPH9kmnfUgy4VApDGaoY2DKXv4PxURWczvc9MTEBjp:BN/9kmnfUghWDUY2Dyv4PxURWczvc9Mo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84ead41458977410aba3fb0c0c1a3945_JaffaCakes118

Files

84ead41458977410aba3fb0c0c1a3945_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9851bcc3e5263e8b5382aaf42c7af925

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
FreeLibrary
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
lstrcatA
GetACP
GetProcAddress
GetCurrentThread
GetStartupInfoA
CreateProcessA
GetCurrentProcessId
FindFirstFileA
CancelIo
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetCurrentProcess
GetCurrentThreadId
GetFileInformationByHandle
SetFilePointer
ReadFile
GetTickCount
CloseHandle
GetThreadPriority
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

GetCaretPos
wsprintfA
ClipCursor
DestroyCaret
GetCursor
SetActiveWindow
GetTopWindow
GetClipCursor
GetCapture
GetCaretBlinkTime
GetActiveWindow
ClientToScreen

gdi32

StrokeAndFillPath
GdiFlush
WidenPath
UnrealizeObject
FillPath
FlattenPath
GetBkColor
PathToRegion
EndPath
StrokePath
AbortDoc
CreateCompatibleBitmap
CancelDC
GetColorSpace
GdiGetBatchLimit
BeginPath
CloseFigure
GetBrushOrgEx
CreateCompatibleDC
GdiSetBatchLimit
EndPage
StartPage
EndDoc
GetBkMode
AbortPath

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 950B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9851bcc3e5263e8b5382aaf42c7af925

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 533B

.reloc Size: 1024B - Virtual size: 950B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 533B

.reloc
Size: 1024B - Virtual size: 950B