8869dcfe442a4618812d1e08ddaf3775_JaffaCakes118

General

Target

8869dcfe442a4618812d1e08ddaf3775_JaffaCakes118
Size

187KB
MD5

8869dcfe442a4618812d1e08ddaf3775
SHA1

6c6a64b91f73ae4417dacf9871b8e0b953aece08
SHA256

ecc78f6bb18803a3800e94a74958e1b47181a7a1a280ce5fd86bd92cc3daabbe
SHA512

0887604cb0b3116d86e3feb818e4e9da013b12469fd6acbb4632eda5ec2222bb7b19bc4350579af7cc6cfbc77a4132f4f770c14e2f12810418a16b11873072b2
SSDEEP

3072:KfmZgbR6EQE7er4h6EijuysjtC9TlUgJb1D04dffM4lM297qVfjJu9gqw4dvSAB2:Kfm8R6EQq8409aysjMxb1D06fEQnurF/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8869dcfe442a4618812d1e08ddaf3775_JaffaCakes118

Files

8869dcfe442a4618812d1e08ddaf3775_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9fe6bd4624a0454f2f2c5fe8f395e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
SetThreadPriority
SetFileValidData
SetConsoleTextAttribute
CloseHandle
SetConsoleCtrlHandler
ScrollConsoleScreenBufferW
ReadFileScatter
HeapAlloc
GetProcessHeap

ntdll

RtlGUIDFromString
RtlSubtreePredecessor

user32

GetDCEx
GrayStringA

advapi32

StartTraceA
StartServiceCtrlDispatcherA

gdi32

GetFontData
GetCurrentObject
GetBitmapBits
FillPath
GetSystemPaletteUse
DeleteObject
CreateSolidBrush
CreateRectRgn
AbortPath
Pie
DrawEscape
PtInRegion
SetBitmapBits
SetMapperFlags
SetPolyFillMode
GdiTransparentBlt
StrokePath
PolyPolyline

shlwapi

SHRegCreateUSKeyA

shell32

SHEmptyRecycleBinA
SHInvokePrinterCommandA

nddeapi

NDdeGetErrorStringA

Exports

Exports

AnJ2qj
Mcy2zH5eG
N0OxZcMMoirho
N9XCByZGz2LO5vwV
bBw
h9fnGKiOIH99uyQ
jcPvP0jP2tpicGAg
yXbejn5scxzof

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9fe6bd4624a0454f2f2c5fe8f395e7b

Headers

File Characteristics

Imports

kernel32

ntdll

user32

advapi32

gdi32

shlwapi

shell32

nddeapi

Exports

Exports

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 217KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 217KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 2KB