b0d8375c04c77a91141506a5625ce4cc_JaffaCakes118

General

Target

b0d8375c04c77a91141506a5625ce4cc_JaffaCakes118
Size

326KB
MD5

b0d8375c04c77a91141506a5625ce4cc
SHA1

85bc2dd00a740250ca419164845404c5bb0499d0
SHA256

5bdb8f0fcfd5b1852d21306ab8b1faac1ee5d86b7f57bfe7b1379718770749f2
SHA512

6997a4c56c587de790559d7251cb08a08ccaeea6f7f8bb2b243d080c8b1e2bd7cba9000dd8f64f31d8657df957f7a6455f918a6688f3412da712465fb5c9545b
SSDEEP

3072:uNpks61H12W9p8j6Uo1UV9hF1QChWYTMnbJR1E5+vXY8tGn3E+B:pT1HQ99hzvWuMnbJQ+XtGT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0d8375c04c77a91141506a5625ce4cc_JaffaCakes118

Files

b0d8375c04c77a91141506a5625ce4cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dee60df6302d01dac8f946a81e453d56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
ExitProcess
GetCPInfo
GetCurrentThread
GetEnvironmentStringsW
GetFileSize
GetFileType
GetModuleFileNameA
GetSystemInfo
HeapAlloc
HeapDestroy
IsBadCodePtr
IsBadWritePtr
LCMapStringW
LoadLibraryA
LoadLibraryExW
ResetEvent
SetErrorMode
SetStdHandle
TerminateThread
VirtualFree
WriteConsoleA
lstrcmpiA
lstrcpyA

gdi32

CreateBitmap
CreateDCA
CreateDCW
CreateICA
CreateMetaFileW
CreateRoundRectRgn
DeleteDC
EnumMetaFile
GetEnhMetaFilePaletteEntries
GetNearestColor
GetObjectW
GetOutlineTextMetricsA
GetRegionData
GetRgnBox
GetViewportOrgEx
RealizePalette
SetDIBColorTable

shell32

SHAppBarMessage
SHFileOperationW
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
ShellExecuteEx
Shell_NotifyIconA

user32

DestroyCursor
DrawIcon
DrawMenuBar
EnableMenuItem
EqualRect
FillRect
GetClassInfoA
GetDCEx
GetScrollRange
GetSubMenu
GetWindow
IsDialogMessageA
IsWindowVisible
IsZoomed
RegisterClassA
SetCapture
SetFocus
SetWindowsHookExA
WaitMessage

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

lh7fzbOF
Size: 119KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dee60df6302d01dac8f946a81e453d56

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

user32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

lh7fzbOF Size: 119KB - Virtual size: 140KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

lh7fzbOF
Size: 119KB - Virtual size: 140KB