97349b4b85f26467918e0cec08205787_JaffaCakes118

General

Target

97349b4b85f26467918e0cec08205787_JaffaCakes118
Size

1.4MB
MD5

97349b4b85f26467918e0cec08205787
SHA1

77778c257411d227c7e72d8bd32cfb3eaf00c5a1
SHA256

15e00b36434d28a551d59135ace71635e4a580f7856bd27503087ab0a81b33b5
SHA512

8203d19b33fc6f43af3f1f96bf8eae244c3a84b1c8035375b4a66d4ae1eabdbe75a8a869f12497497410c97f32fb1cadd21658415aed224a3485ac9285f96eea
SSDEEP

192:0Z6FLqSD9Yb95xYUtZKP0daxWTr5JBgCLuQuSnHP4ss/N:OSD9OxtsPvQP5DgCxVs/N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97349b4b85f26467918e0cec08205787_JaffaCakes118

Files

97349b4b85f26467918e0cec08205787_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b843cbdcebcc0d86455e3e3ae320745

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
GetLargestConsoleWindowSize
GetShortPathNameA
CompareStringA
IsDBCSLeadByte
CreatePipe
GetConsoleCP
TlsFree
CreateMutexA
TlsGetValue
AddAtomA
GetOEMCP
GetModuleHandleA
GetExitCodeThread
GetThreadTimes
VirtualAlloc
SetEvent
GetThreadLocale
GetUserDefaultLangID
ReleaseMutex
GetThreadPriority

user32

GetActiveWindow
GetSystemMetrics
GetWindowTextA
GetFocus
RegisterClassA
ReleaseDC
IsIconic
GetForegroundWindow
GetClassNameA
IsWindowVisible
ValidateRect
ShowWindow
GetWindowTextLengthA
ReleaseDC
CloseWindow
InvalidateRect
GetWindow
GetClassInfoExA
GetDC

dsound

DirectSoundEnumerateA
DllGetClassObject
DirectSoundCreate
DllCanUnloadNow
GetDeviceID

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 33B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b843cbdcebcc0d86455e3e3ae320745

Headers

File Characteristics

Imports

kernel32

user32

dsound

mscms

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1.4MB - Virtual size: 1.4MB

.tls Size: 33B - Virtual size: 33B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1.4MB - Virtual size: 1.4MB

.tls
Size: 33B - Virtual size: 33B

.rsrc
Size: 4KB - Virtual size: 4KB