8e960e798b4394a063145fc601f9b9c9_JaffaCakes118

General

Target

8e960e798b4394a063145fc601f9b9c9_JaffaCakes118
Size

39KB
MD5

8e960e798b4394a063145fc601f9b9c9
SHA1

a5de13c98b8a869681dda6039e88bf9c3cbc44f1
SHA256

01371817544aa246addb51f2074df80d13bc48f7df69c91a6aff66817e777073
SHA512

503acad39d6509b5b809666df3f518f406e2f28b5b431dad1399435f266340a7e5538f954ab14e09b8798a814125acd40e0e212303a0f309475390a59cdd5bca
SSDEEP

768:QUlNBQWwdvLR8YrAJseLMMGhGrB26ZJddoyhy9Ccu/hRiNQEJ:Z+WwdvLioAxD9FtjoyCCVhMN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e960e798b4394a063145fc601f9b9c9_JaffaCakes118

Files

8e960e798b4394a063145fc601f9b9c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa1871196b5b3473d9ad76c942d22c7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CopyFileW
DisconnectNamedPipe
EnumResourceTypesA
ExitProcess
FreeConsole
GetBinaryType
GetFullPathNameA
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleW
GetUserDefaultLCID
GetVolumeInformationW
GlobalDeleteAtom
HeapDestroy
LockFileEx
RtlFillMemory
SetConsoleCP
SetConsoleTitleW
SetCurrentDirectoryW
SetErrorMode
SetMailslotInfo
SignalObjectAndWait
SwitchToFiber
Thread32First
WriteConsoleOutputW
WritePrivateProfileStringA
lstrlen

user32

BeginDeferWindowPos
CallMsgFilterA
CharNextExA
CloseClipboard
DdeConnect
DdeNameService
DeferWindowPos
EnumPropsA
GetClassInfoA
GetClipCursor
GetDlgCtrlID
GetGUIThreadInfo
GetLastActivePopup
LoadIconA
RegisterTasklist
SetCaretPos
SetUserObjectInformationA
SetWindowsHookA
SetWindowsHookExA
ToUnicode
ValidateRgn

gdi32

ChoosePixelFormat
CloseEnhMetaFile
CreateEnhMetaFileW
CreateFontA
CreatePen
EnableEUDC
ExtCreateRegion
ExtSelectClipRgn
GdiPlayJournal
GetCurrentObject
GetDeviceGammaRamp
GetEnhMetaFileDescriptionW
GetEnhMetaFileW
GetLogColorSpaceA
GetMetaFileBitsEx
GetMetaFileW
GetMetaRgn
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextMetricsA
PathToRegion

Sections

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa1871196b5b3473d9ad76c942d22c7b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

Size: 512B - Virtual size: 4KB

.data Size: 37KB - Virtual size: 60KB

.data
Size: 37KB - Virtual size: 60KB