941d4facdf21dedea5585da46c9cbb71_JaffaCakes118

General

Target

941d4facdf21dedea5585da46c9cbb71_JaffaCakes118
Size

35KB
MD5

941d4facdf21dedea5585da46c9cbb71
SHA1

617de117ad0256cb7ecf8625595ddf09599528da
SHA256

28560d297dcb8b847d60fe5bfd6d946a05a3986816272c9ee1da56e70e1fa84b
SHA512

a41dac37914184394b7e268f323348ca7bab53971a2f50f9011605438b7e286cc2deba4e9a71858d07dc18d040125fca344692f05dfd7b5c9ca1954c6f23fcb4
SSDEEP

768:r/3/O18lOml/tecyu4cC86nIgPdMrIP0CrdCtN60fsY:rHO18IKcu53de2uhr8tN60fL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
941d4facdf21dedea5585da46c9cbb71_JaffaCakes118

Files

941d4facdf21dedea5585da46c9cbb71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

550a0c0fb91fc64e0fd0af552cc8c819

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
UnmapViewOfFile
GetComputerNameA
IsBadStringPtrW
IsDBCSLeadByte
TlsSetValue
LoadLibraryExW
ReadConsoleOutputCharacterW
GetVDMCurrentDirectories
VerLanguageNameW
InvalidateConsoleDIBits
DeleteTimerQueue

gdi32

EndPage
MoveToEx
RectInRegion
Polyline
EndDoc
DeleteObject
DeleteDC
CreateRectRgn
CreateRectRgnIndirect
SetTextAlign
SetMapMode

ole32

OleDraw
CoIsOle1Class
CoGetMalloc
CoRevokeMallocSpy
OleCreateLinkFromData
OleRun
OleQueryCreateFromData
CoRegisterPSClsid
OleCreateEmbeddingHelper
OleCreateLinkToFile
OleRegEnumVerbs

ulib

?Initialize@STRING_ARRAY@@QAEEKKK@Z
?MoveCursorTo@SCREEN@@QAEEGG@Z
?QueryRoot@PATH@@QAEPAVWSTRING@@XZ
??1MULTIPLE_PATH_ARGUMENT@@UAE@XZ
??1CHKDSK_MESSAGE@@UAE@XZ
?WriteByte@STREAM@@QAEEE@Z
??0BITVECTOR@@QAE@XZ
?ReadWLine@STREAM@@QAEEPAGKPAKEK@Z
?NewBuf@FSTRING@@UAEEK@Z
?Initialize@TIMEINFO@@QAEEPAU_FILETIME@@@Z

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

550a0c0fb91fc64e0fd0af552cc8c819

Headers

File Characteristics

Imports

kernel32

gdi32

ole32

ulib

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 61KB

.rsrc Size: 1024B - Virtual size: 960B

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 61KB

.rsrc
Size: 1024B - Virtual size: 960B