a5563f2a461df0ce9e2fe7bf978ecfb8_JaffaCakes118

General

Target

a5563f2a461df0ce9e2fe7bf978ecfb8_JaffaCakes118
Size

2.4MB
MD5

a5563f2a461df0ce9e2fe7bf978ecfb8
SHA1

ed83c265073ceccfb8c3ff6f255f9928e76f7e99
SHA256

c4334ca7434bb74d92ace1a9e5683f435d6aa885e5ff5f805f2ded5d32c0acb4
SHA512

d907c9557bfff28470779035597004f4cada3245f98b1b8cf49dab7a0e742c91260a08ca09b85b0f5da5c8a48789706520370ee53edfd0a063c6a7d1fd94c56f
SSDEEP

24576:Wnm1pThZzcIpEHZVyxGPhcsIIAnjFsRKlKvYZcqAKleGW2pm:/gISLy4hcUAxsRqKecLKgGNA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5563f2a461df0ce9e2fe7bf978ecfb8_JaffaCakes118

Files

a5563f2a461df0ce9e2fe7bf978ecfb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2636465759384abe29a2df357b7077d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create

user32

IsClipboardFormatAvailable
LoadKeyboardLayoutW
GetClipboardData
IsCharAlphaA
IsIconic
RegisterClassExA
CharToOemW
ClientToScreen
GetForegroundWindow

kernel32

SetCommTimeouts
WriteConsoleOutputW
DeleteFiber
SetConsoleCursorPosition
VirtualLock
FindFirstFileA
SetEvent
GetAtomNameA
FlushConsoleInputBuffer
ExitProcess
DuplicateHandle
GetFullPathNameA
ReleaseSemaphore
OutputDebugStringA
GlobalReAlloc
SizeofResource
CreateProcessA
GetCPInfo
GetFileAttributesA
PulseEvent
ReadFile
MultiByteToWideChar
lstrcatW
GlobalFree
SetEndOfFile
SetConsoleMode
GetModuleFileNameW
GetProcessHeap
CreateWaitableTimerA
GetCommModemStatus
GetBinaryTypeA
CreatePipe
GetLocaleInfoW
GetVersion
GetNumberFormatW
PrepareTape
OutputDebugStringW
RaiseException
ReadConsoleA
VirtualFree
IsProcessorFeaturePresent
AreFileApisANSI
VirtualAllocEx
_lopen
ExitThread
GetDiskFreeSpaceW
IsDBCSLeadByteEx
EnumCalendarInfoW
GetTapeStatus

shell32

SHGetSpecialFolderPathA
SHChangeNotify

Sections

.text
Size: 684KB - Virtual size: 683KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2636465759384abe29a2df357b7077d

Headers

File Characteristics

Imports

comctl32

user32

kernel32

shell32

Sections

.text Size: 684KB - Virtual size: 683KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 394KB - Virtual size: 393KB

.text
Size: 684KB - Virtual size: 683KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 394KB - Virtual size: 393KB