a7370d4192317290842e42c3f74311d1_JaffaCakes118

General

Target

a7370d4192317290842e42c3f74311d1_JaffaCakes118
Size

42KB
MD5

a7370d4192317290842e42c3f74311d1
SHA1

8dbe2eb7945abab68a9afcdd53f03e896f87d7d9
SHA256

7da185a34ae251f04ca03d44206f998c6ea3c9cca1682ec23d83c3af3c1f58fc
SHA512

c7355daa30a7d1e4025f9d6f157929884c99fdbd3191a20638ac3d8cfebc2cf9162dc1381017ea858fedbb6f4578006da98120ab8c25b5a1d3852125069a448f
SSDEEP

768:r72Fqqt1iIPrmlDhMeSR+dgXjJ5pOvjc6pLbWr/iihOBEy:/qLPcgcGXjJ58c6pLbWr/hhOBh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7370d4192317290842e42c3f74311d1_JaffaCakes118

Files

a7370d4192317290842e42c3f74311d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dffa8e15d33f3809a2a3658b6ab0861

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeMountPointA
VirtualProtect
ResetEvent
IsSystemResumeAutomatic
AddAtomW
OpenJobObjectA
GetLastError
WriteFileEx
OutputDebugStringA
LCMapStringA
FlushViewOfFile
AllocateUserPhysicalPages
PeekConsoleInputW
LoadModule
FreeEnvironmentStringsA

user32

InSendMessage
SetWindowContextHelpId
MapWindowPoints
UpdateWindow
DialogBoxIndirectParamA
GetQueueStatus
DialogBoxIndirectParamW
CloseWindowStation
ChangeDisplaySettingsA
SendMessageA
SetTimer
SetSysColors
PrivateSetDbgTag
GetWindowPlacement
TileWindows
DdeCreateStringHandleW
ShowWindow
DestroyMenu
LoadCursorFromFileA
IsChild
DdeAddData
UnregisterClassA
GetSubMenu
MoveWindow
CreateIconFromResource
IsCharLowerA
PostQuitMessage
DeregisterShellHookWindow

gdi32

OffsetViewportOrgEx
PATHOBJ_vGetBounds
GetClipRgn
BRUSHOBJ_pvGetRbrush
GetFontData
DeleteObject
GetRandomRgn
GdiSetBatchLimit
EngCreateBitmap
PathToRegion
ChoosePixelFormat
MirrorRgn
EngMultiByteToWideChar
CreateSolidBrush
GetTextCharacterExtra
EnumFontFamiliesExW
EnumMetaFile
CreateCompatibleBitmap

comdlg32

ReplaceTextA
FindTextA
GetFileTitleA
GetOpenFileNameA
Ssync_ANSI_UNICODE_Struct_For_WOW
GetSaveFileNameW
FindTextW
ChooseFontW
dwLBSubclass
GetSaveFileNameA
PrintDlgW
PrintDlgA
PrintDlgExA
dwOKSubclass
GetOpenFileNameW
PageSetupDlgA

Sections

.text
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4dffa8e15d33f3809a2a3658b6ab0861

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 1.0MB

.data Size: 34KB - Virtual size: 36KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1.0MB

.data
Size: 34KB - Virtual size: 36KB

.idata
Size: 2KB - Virtual size: 4KB