aa5efaa007fb4abd856352c5f635fd59_JaffaCakes118

General

Target

aa5efaa007fb4abd856352c5f635fd59_JaffaCakes118
Size

166KB
MD5

aa5efaa007fb4abd856352c5f635fd59
SHA1

e10d7a8ebaec3a87b704ef60876b802bf37dd957
SHA256

11288220befd233222cb9fd495589315d74c523769d3266dfa64cadf5925c332
SHA512

2b234c8a10d8a47634503f759c9c177645c0ec0cc980e129ae7bef50b1b02cb264b8d1659edd1db9a75d73b5574ce24466c1673caae25c786446d2193d92bdff
SSDEEP

3072:LgRTZtBorAEZ/AokTrsJavTLcWh1VtzihLTHNnI/80cLGfk:LKPorpzkTIJ+Xc6CP5IYG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa5efaa007fb4abd856352c5f635fd59_JaffaCakes118

Files

aa5efaa007fb4abd856352c5f635fd59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d5c109716dc81a0ce9f109e96de20ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupWrite
CallNamedPipeW
CopyFileExA
CreateMutexA
CreateMutexW
CreateRemoteThread
EnumDateFormatsW
ExitProcess
FindResourceExA
GetComputerNameW
GetDiskFreeSpaceW
GetNamedPipeHandleStateA
GetNumberOfConsoleMouseButtons
GetProcessAffinityMask
GetProcessHeap
GetProcessPriorityBoost
LoadLibraryW
LocalLock
OpenProfileUserMapping
SetFileAttributesW
SetLocaleInfoW
TerminateProcess
lstrcatA

user32

CallWindowProcA
CharLowerBuffA
CreateCursor
DdeAbandonTransaction
DdeGetLastError
DdeSetQualityOfService
DefMDIChildProcA
DlgDirListA
DlgDirSelectExW
GetCaretBlinkTime
GetClipboardFormatNameA
GetClipboardOwner
MessageBoxIndirectA
MonitorFromPoint
MsgWaitForMultipleObjects
OpenDesktopA
RealGetWindowClass
SetActiveWindow
SetClipboardViewer
SetDlgItemTextA
SetWindowLongA
UnhookWindowsHookEx
VkKeyScanExA

gdi32

CombineTransform
CopyEnhMetaFileA
CreateDCW
CreateDIBPatternBrushPt
CreateFontIndirectW
CreateICW
CreateMetaFileW
DeleteDC
EnumICMProfilesA
GdiPlayScript
GetCharWidth32W
GetCharWidthW
GetCharacterPlacementA
GetDCOrgEx
GetRegionData
GetTextAlign
GetWindowExtEx
LPtoDP
MaskBlt
OffsetWindowOrgEx
PolyPolygon
PolyTextOutW
PtInRegion
RestoreDC
SetBkColor

Sections

.text
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d5c109716dc81a0ce9f109e96de20ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 8KB

.data Size: 164KB - Virtual size: 172KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 616KB

.text
Size: 512B - Virtual size: 8KB

.data
Size: 164KB - Virtual size: 172KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 616KB