857404fc735d14a6589db691aa089ce9_JaffaCakes118

General

Target

857404fc735d14a6589db691aa089ce9_JaffaCakes118
Size

9KB
MD5

857404fc735d14a6589db691aa089ce9
SHA1

8965207cf19bba4c652a6fa6acee8ce9938a9ef3
SHA256

301bd6ddd067250f0873667bfb411c10d96797c54f6cf6a5b6eaa90cb0954138
SHA512

b784357dc62437d13c8244c67a0f115c51c48bcdb984c6bb336e24bf7b4c0ff91324af135e149bcaa09fb2daaa72331cc3a9552b6bbdeea75b4b4789fc71adc7
SSDEEP

192:bC8qaqLTpa63oYhXI7K7tpY7BBLKI/YyqI/KfGDRWz2fRozdh5EpkM:O1LFa63oY5IymCHNfGDRWifO75IkM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
857404fc735d14a6589db691aa089ce9_JaffaCakes118

Files

857404fc735d14a6589db691aa089ce9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a857780ea214fcf9d319ea8142cc36e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
LoadLibraryA
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
FreeLibrary
GetCurrentProcessId
lstrcatA
GetProcAddress
GetACP
GetCurrentThread
GetStartupInfoA
CreateProcessA
GetTickCount
GetThreadPriority
FindFirstFileA
GetCurrentProcess
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetFileInformationByHandle
CancelIo
SetFilePointer
ReadFile
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

GetActiveWindow
GetTopWindow
ClipCursor
wsprintfA
ClientToScreen
DestroyCaret
GetCursor
GetCaretBlinkTime
GetClipCursor
SetActiveWindow
GetCapture
GetCaretPos

gdi32

CloseFigure
EndPage
GetBkColor
StrokePath
EndDoc
CreateCompatibleBitmap
GdiGetBatchLimit
BeginPath
UnrealizeObject
GdiFlush
WidenPath
GetBkMode
CreateCompatibleDC
StartPage
FillPath
AbortPath
EndPath
GetBrushOrgEx
StrokeAndFillPath
AbortDoc
GdiSetBatchLimit
PathToRegion
GetColorSpace
CancelDC
FlattenPath

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a857780ea214fcf9d319ea8142cc36e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 500B

.reloc Size: 1024B - Virtual size: 922B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 500B

.reloc
Size: 1024B - Virtual size: 922B