b05c15c2e03682fc7b14266548a37420_JaffaCakes118

General

Target

b05c15c2e03682fc7b14266548a37420_JaffaCakes118
Size

194KB
MD5

b05c15c2e03682fc7b14266548a37420
SHA1

298cdc4ade2d94c87cd1cc550cbd927a57425054
SHA256

40dc01aa1d333137b1578906fd0ec20211ac9b7eb3048b00a735a42df31821b5
SHA512

13f0698823a8ff356f9dce7e5950f2ab241fa960af4b9971df96eb40d27d243590a60448323ff4eb7ccd7dc681416926172a1fc9d4f2ee35605f40a4e985dfb7
SSDEEP

3072:CIeUqeLBqfSP4WDJAPaWQuyfMBH24PxZxPGT6HbDLp1/T:CIeNSwyYHDPTxbb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05c15c2e03682fc7b14266548a37420_JaffaCakes118

Files

b05c15c2e03682fc7b14266548a37420_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c850f5d338c4e3a65a222555ed369c8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
FindFirstFileA
SetCommState
GetNumberOfConsoleFonts
SetFileAttributesA
_lwrite
ReadConsoleInputA
CreateMutexA
GetProcessPriorityBoost
GetThreadPriority
GetProcessHeap
GetLocaleInfoA
IsBadReadPtr
DeleteTimerQueueEx
VirtualAlloc
GetEnvironmentVariableA
GlobalDeleteAtom
FreeConsole
GetVolumePathNameA
SetConsoleIcon
GetUserDefaultLangID
FindAtomA
GetProcessVersion
UpdateResourceA
HeapLock
ReadConsoleA
DuplicateHandle
GetDiskFreeSpaceA
OpenEventA
GetFileSizeEx
FindFirstVolumeMountPointA
WriteConsoleOutputCharacterA
SetStdHandle
CloseHandle
FillConsoleOutputCharacterW
PeekConsoleInputA
GetProcessHeaps
GlobalDeleteAtom
GlobalDeleteAtom

user32

CallMsgFilter
GetUserObjectInformationA
SetInternalWindowPos
GetClassNameA
DestroyCaret
CopyIcon
RegisterLogonProcess
LoadStringA
ToAscii
DrawFocusRect
GetWindowLongA
CreateMenu
GetCursorInfo
GetWindowTextA
UnregisterDeviceNotification
GetMessageA
SetMenuItemInfoA
OpenIcon
ClientToScreen
IsChild
ShowWindow
DrawFrame
SetWindowStationUser
CharPrevA
ClipCursor
ChildWindowFromPointEx
MessageBoxExA
ChangeDisplaySettingsExW
BroadcastSystemMessageExA
GetClipboardFormatNameA
LoadStringA
DlgDirListComboBoxW
EndMenu

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c850f5d338c4e3a65a222555ed369c8b

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 41KB - Virtual size: 41KB

.idata Size: 2KB - Virtual size: 14KB

.rsrc Size: 149KB - Virtual size: 149KB

.text
Size: 41KB - Virtual size: 41KB

.idata
Size: 2KB - Virtual size: 14KB

.rsrc
Size: 149KB - Virtual size: 149KB