8957f4bdf5acfa5f2f947806afab04d9_JaffaCakes118

General

Target

8957f4bdf5acfa5f2f947806afab04d9_JaffaCakes118
Size

130KB
MD5

8957f4bdf5acfa5f2f947806afab04d9
SHA1

f869f7116c6bb6b06111954cfff00b7bc3751a14
SHA256

0e873c0a02a4cfd43ddd66c94f66defe9d7629b754e0225ead663610f9bef3ec
SHA512

5b02dd42c60a48913d8922561f059ccedf756e305b4078db0288372105afacd92ab0230385c4c8093d5386adf5d3cacc753bd7f14e3d3b08e15764d5f971b6c3
SSDEEP

3072:oBDG8XGjV9CPdrereyYmNd0zSO3eAT+q26TfCshbMDa0e:eDGuGjV9CFejPAzl3Fiq26v/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8957f4bdf5acfa5f2f947806afab04d9_JaffaCakes118

Files

8957f4bdf5acfa5f2f947806afab04d9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

65c19acda319818dc63e3d519efa027f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
__getmainargs
_XcptFilter
__setusermatherr
_acmdln
__p__fmode
_except_handler3
__set_app_type
_controlfp
exit
__p__commode
_adjust_fdiv
_exit
memcpy

gdi32

CreateRectRgnIndirect
EndDoc
DeleteObject
CreateCompatibleDC
SetBkMode
SelectObject
GetStockObject
CreateSolidBrush
SetTextColor
BitBlt

kernel32

VirtualProtect
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcessId
HeapAlloc
HeapCreate
GetStartupInfoA

user32

GetDC
RemoveMenu
SetDlgItemTextA
DestroyWindow
GetMenuItemCount
TrackPopupMenu
BeginPaint
CallWindowProcA
IsZoomed
DefDlgProcA
CopyRect
GetActiveWindow
FrameRect
GetWindow
OffsetRect
InvalidateRect
BeginDeferWindowPos
LoadAcceleratorsA
GetWindowThreadProcessId
CreateMenu
SetWindowLongA
GetUpdateRgn
DefMDIChildProcA
EndDialog
GetCapture
ClientToScreen
EndDeferWindowPos
IsDialogMessageA
SetPropA
FindWindowA
SetClipboardData
UnionRect

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65c19acda319818dc63e3d519efa027f

Headers

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 40KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 40KB

.rsrc
Size: 19KB - Virtual size: 18KB