ac9e8bf9329baf12e6bcbcc741f48176_JaffaCakes118

General

Target

ac9e8bf9329baf12e6bcbcc741f48176_JaffaCakes118
Size

10KB
MD5

ac9e8bf9329baf12e6bcbcc741f48176
SHA1

28c1ae4f02e0c1cb54f230b21839b32c554dd401
SHA256

4f42291df880d843a240b0c409bcca8bb4d1ad535a667181d934218c76aadad0
SHA512

a8800c856d34de1a3c1177e01c5b3f844095bf840b4f123b7c1019c22fc3e8733bda69e97fc8ce78e5a29f3ad89632bff2b8c08028b6d3fe98c86dc746543061
SSDEEP

192:blERTvZ28aADsbyZSMx0gmWEqI53FTrE49ZRW+6BPspor/w:KxBQVbtjbE43RWjl3w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac9e8bf9329baf12e6bcbcc741f48176_JaffaCakes118

Files

ac9e8bf9329baf12e6bcbcc741f48176_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dad7bdefca134e0230da63da06c5d08e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
CreateDirectoryA
Sleep
GetCurrentThreadId
lstrcmpiA
DeleteFileA
GetCurrentProcessId
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
GetCurrentThread
LoadLibraryA
FreeLibrary
lstrcatA
GetTickCount
CancelIo
GetThreadPriority
GetProcAddress
GetStartupInfoA
CreateProcessA
GetCurrentProcess
FindFirstFileA
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetFileInformationByHandle
SetFilePointer
GetACP
ReadFile
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

GetActiveWindow
wsprintfA
ClientToScreen
DestroyCaret
SetActiveWindow
GetClipCursor
GetCaretBlinkTime
GetCaretPos
ClipCursor
GetCapture
GetCursor
GetTopWindow

gdi32

EndPath
BeginPath
GdiGetBatchLimit
CloseFigure
GdiSetBatchLimit
FillPath
CreateCompatibleBitmap
EndDoc
GdiFlush
UnrealizeObject
GetBkMode
AbortDoc
AbortPath
WidenPath
PathToRegion
StartPage
GetColorSpace
FlattenPath
StrokePath
CancelDC
GetBkColor
GetBrushOrgEx
StrokeAndFillPath
EndPage
CreateCompatibleDC

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dad7bdefca134e0230da63da06c5d08e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 410B

.reloc Size: 1024B - Virtual size: 892B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 410B

.reloc
Size: 1024B - Virtual size: 892B