ae5050bc129f1b18bf1a5a7a56973783_JaffaCakes118

General

Target

ae5050bc129f1b18bf1a5a7a56973783_JaffaCakes118
Size

118KB
MD5

ae5050bc129f1b18bf1a5a7a56973783
SHA1

9acaea06e61a536a14c7c15e13c5f0d77a10c5b9
SHA256

78c9325f7b7ce1fb58d08f42063a73c2a9e864ad75afd00bd10a7ba9ffc59d50
SHA512

2690a7536f49454908dcbf05378137cdd9bb379b376aca0cbc28e6676196ef5ba2dfadff944cf6c2c24fc532cb7a71f3ee138a1abbf01daa137d8c9d3e2c2ad3
SSDEEP

1536:yrPyGvFDn/ky6E0BmrBgIT+W1xZ/ebOpVZ+TRLMhOzL2MGZtjWyUAQpfpodfNVFa:4PvFzMy6EUrI5xZcn9MG2769podfN25

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae5050bc129f1b18bf1a5a7a56973783_JaffaCakes118

Files

ae5050bc129f1b18bf1a5a7a56973783_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3007ffe3d7b024b93c0b38683d36b483

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CancelDeviceWakeupRequest
CommConfigDialogA
ConvertDefaultLocale
DebugActiveProcess
EnumResourceTypesW
EnumSystemLocalesA
ExitProcess
GetCurrentDirectoryW
GetCurrentThreadId
GetOEMCP
GlobalDeleteAtom
InitAtomTable
LeaveCriticalSection
LocalFileTimeToFileTime
LocalSize
PeekConsoleInputA
QueryDosDeviceA
RemoveDirectoryW
SetComputerNameA
SetLocaleInfoW
TlsGetValue
Toolhelp32ReadProcessMemory
lstrlenA

user32

BlockInput
DdeGetLastError
DeleteMenu
DrawTextW
EnableMenuItem
EndTask
EnumDisplayMonitors
GetAltTabInfo
GetClipboardSequenceNumber
GetComboBoxInfo
GetDlgItemTextA
GetMenuState
GetSubMenu
GetThreadDesktop
GetWindowModuleFileNameW
IMPSetIMEA
IsCharAlphaNumericW
LoadStringA
PostMessageA
RegisterClipboardFormatA
SendMessageW
SetForegroundWindow
SetSysColorsTemp
SetWinEventHook
ShowWindow
UnregisterClassA
UpdateWindow
VkKeyScanA

gdi32

AngleArc
ColorCorrectPalette
CopyMetaFileW
CreateEnhMetaFileA
DeleteColorSpace
DrawEscape
FlattenPath
GdiPlayScript
GetArcDirection
GetCharWidthFloatW
GetCharWidthW
GetFontLanguageInfo
GetRasterizerCaps
GetStretchBltMode
GetTextMetricsW
MaskBlt
PlayEnhMetaFileRecord
SetDeviceGammaRamp
SetPixelV
SetWorldTransform
UpdateColors

Sections

.code
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3007ffe3d7b024b93c0b38683d36b483

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.code Size: 512B - Virtual size: 4KB

.data Size: 116KB - Virtual size: 128KB

.rdata Size: 512B - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 12KB

.code
Size: 512B - Virtual size: 4KB

.data
Size: 116KB - Virtual size: 128KB

.rdata
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 12KB