a68d3dc7928ba662beab4f88d14f6fd4_JaffaCakes118

General

Target

a68d3dc7928ba662beab4f88d14f6fd4_JaffaCakes118
Size

74KB
MD5

a68d3dc7928ba662beab4f88d14f6fd4
SHA1

ad9991cd557f6f613d0167daf0251dd7dd78e936
SHA256

213a9db07774f6bc05c3b4ef4b7c4a77715976bef53506d2322f815ea708748e
SHA512

44597b88fd992994662b6d86ac5491495ff24dc160b883e0841862b3a7ba1279337bb4340dd7271bf0c995313e40686bba370a0f60b3cae03ce1ba3fee390d70
SSDEEP

768:ZRry5PCwQST4qDuWtiG6h75J5Z/CKM46NE/GiyTooWT5EfWFtt7dinxfmwB9u7Ie:TW4rS8qDuWtipP5MN4pOfQKxfPwHf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a68d3dc7928ba662beab4f88d14f6fd4_JaffaCakes118

Files

a68d3dc7928ba662beab4f88d14f6fd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bf0504ad4d381e648ee545b57c87eeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
GetTickCount
GetExitCodeProcess
MoveFileA
GlobalUnlock
EndUpdateResourceA
GetEnvironmentStringsA
GetConsoleHardwareState
MultiByteToWideChar
GetModuleFileNameA
WriteConsoleInputW
GetPriorityClass
lstrcpynA
SetConsoleCursor
SetThreadLocale
EscapeCommFunction
GetModuleFileNameW
TerminateProcess
lstrcmp
OpenSemaphoreW
WriteProfileSectionA
WriteFileEx
FreeEnvironmentStringsA
VirtualAlloc
WriteProfileSectionW
GlobalAlloc
GetFileSize
GetCompressedFileSizeA
GetTimeZoneInformation
BuildCommDCBW
lstrcmpA
FindAtomW
SearchPathW

user32

TranslateMDISysAccel
GrayStringW
GetClassLongA
LoadCursorA
GetActiveWindow
SetClassLongW
SystemParametersInfoA
MenuWindowProcW
SwitchDesktop
IsCharUpperA
GetMenuItemInfoA

gdi32

CreateCompatibleBitmap
LineTo
SetFontEnumeration
RemoveFontResourceW
CreateColorSpaceA
IntersectClipRect
ExtSelectClipRgn
BeginPath
SetPixel
CreateEnhMetaFileW
PolyBezierTo
CreateRectRgn
OffsetRgn
SetROP2
GetDeviceCaps
CreateDIBitmap
GetRgnBox
DrawEscape
GetLogColorSpaceW
SetSystemPaletteUse
GetMiterLimit
PolyPatBlt
GetPixel
SetArcDirection
GetTextColor
GetRegionData
OffsetViewportOrgEx
ArcTo
GdiGetCodePage
MaskBlt
GetStockObject

Sections

.data
Size: 4KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 38KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 25KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bf0504ad4d381e648ee545b57c87eeb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.data Size: 4KB - Virtual size: 108KB

BSS Size: 38KB - Virtual size: 164KB

.idata Size: 3KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 28KB

.text Size: 25KB - Virtual size: 72KB

.data
Size: 4KB - Virtual size: 108KB

BSS
Size: 38KB - Virtual size: 164KB

.idata
Size: 3KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 28KB

.text
Size: 25KB - Virtual size: 72KB