8585e4bb5cf858060dff3b7be6ac14e0_JaffaCakes118

General

Target

8585e4bb5cf858060dff3b7be6ac14e0_JaffaCakes118
Size

187KB
MD5

8585e4bb5cf858060dff3b7be6ac14e0
SHA1

b8f9c2d0cbbc782461f0a3b3abd794869b16bfd9
SHA256

8d0dc21187ce65fd2df6af7fbd83ce8f39d701c7c5793c833a6664435214c2ae
SHA512

be4bda582c271d5bf5da28da4663315c5e2fa3fb25b31fd5d16ab312cc058114729fc7ab3ffcbad49f36a70de54f237ea68d39c790ce6d9a92b4cda61659f45f
SSDEEP

3072:KfmZgbR6EQE7er4h6EijuysjtC9TlUgJb1D04dffM4lM297qVfjJu9gqw4dvSABH:Kfm8R6EQq8409aysjMxb1D06fEQnurFC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8585e4bb5cf858060dff3b7be6ac14e0_JaffaCakes118

Files

8585e4bb5cf858060dff3b7be6ac14e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9fe6bd4624a0454f2f2c5fe8f395e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
SetThreadPriority
SetFileValidData
SetConsoleTextAttribute
CloseHandle
SetConsoleCtrlHandler
ScrollConsoleScreenBufferW
ReadFileScatter
HeapAlloc
GetProcessHeap

ntdll

RtlGUIDFromString
RtlSubtreePredecessor

user32

GetDCEx
GrayStringA

advapi32

StartTraceA
StartServiceCtrlDispatcherA

gdi32

GetFontData
GetCurrentObject
GetBitmapBits
FillPath
GetSystemPaletteUse
DeleteObject
CreateSolidBrush
CreateRectRgn
AbortPath
Pie
DrawEscape
PtInRegion
SetBitmapBits
SetMapperFlags
SetPolyFillMode
GdiTransparentBlt
StrokePath
PolyPolyline

shlwapi

SHRegCreateUSKeyA

shell32

SHEmptyRecycleBinA
SHInvokePrinterCommandA

nddeapi

NDdeGetErrorStringA

Exports

Exports

AnJ2qj
Mcy2zH5eG
N0OxZcMMoirho
N9XCByZGz2LO5vwV
bBw
h9fnGKiOIH99uyQ
jcPvP0jP2tpicGAg
yXbejn5scxzof

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9fe6bd4624a0454f2f2c5fe8f395e7b

Headers

File Characteristics

Imports

kernel32

ntdll

user32

advapi32

gdi32

shlwapi

shell32

nddeapi

Exports

Exports

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 217KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 217KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 2KB