a72ed1f836e1936c2a314ed6fd217ad0_JaffaCakes118

General

Target

a72ed1f836e1936c2a314ed6fd217ad0_JaffaCakes118
Size

10KB
MD5

a72ed1f836e1936c2a314ed6fd217ad0
SHA1

2c45efdbec28388373c0d53f63e4b411144762cc
SHA256

721260ae71b92a980bd8d41d89fb0e28e71094f4fa9a1ee93869e9fe679f4919
SHA512

526fa4ac6739e432dd507016ebf84d9f8d4550b775aaedc6724ee6ea6dc31966d9e9500839b43d56c7be67d9bfbc82bd53dfc208884d0cd69f31277da2494912
SSDEEP

192:pMPftdPBUN+T7Pv3IPB/3XHSCvGRWYxwjt1BN:6PvyN+Tbv3IZ/HSCvGRWYC5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a72ed1f836e1936c2a314ed6fd217ad0_JaffaCakes118

Files

a72ed1f836e1936c2a314ed6fd217ad0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

082af055dc110afbd52e8afc7b4740f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
GetFileSize
LoadLibraryA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
GetCurrentThreadId
FreeLibrary
lstrcatA
GetCurrentThread
GetCurrentProcess
CancelIo
GetACP
GetCurrentProcessId
GetStartupInfoA
CreateProcessA
GetProcAddress
FindFirstFileA
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetFileInformationByHandle
SetFilePointer
ReadFile
CloseHandle
GetThreadPriority
HeapAlloc
GetProcessHeap
HeapFree
GetTempFileNameA

user32

wsprintfA
GetCaretPos
SetActiveWindow
DestroyCaret
GetCaretBlinkTime
GetTopWindow
GetActiveWindow
ClipCursor
GetClipCursor
GetCapture
ClientToScreen
GetCursor

gdi32

GdiFlush
EndDoc
CancelDC
GdiGetBatchLimit
EndPage
CreateCompatibleBitmap
GdiSetBatchLimit
GetBkMode
AbortDoc
CreateCompatibleDC
CloseFigure
WidenPath
EndPath
StartPage
StrokeAndFillPath
BeginPath
GetBkColor
FillPath
PathToRegion
GetBrushOrgEx
GetColorSpace
UnrealizeObject
StrokePath
AbortPath
FlattenPath

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

082af055dc110afbd52e8afc7b4740f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 934B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 934B