b6088dfff4d51c3716383ee54e9243a8_JaffaCakes118

General

Target

b6088dfff4d51c3716383ee54e9243a8_JaffaCakes118
Size

212KB
MD5

b6088dfff4d51c3716383ee54e9243a8
SHA1

d1b57a0d09719fb75620395c3080b47d0be3c5cc
SHA256

bc5cd201c788f71a69d14327818d6da5b0d15c4276e950a47aef2c84b9dbe786
SHA512

be8b06a8d1a0aa1aeffb53abff316c700e6754e505c6dbce10282afd6d8fbbc628b53dafeb5bc02ed4bb4d7bb55ee0d02b5a861111a48cbe62688522e15defe1
SSDEEP

3072:TjPmuqT7aviPnuwtZhsi/I6EUXzLLsqmU7/gZpEYoZg4rvu9Jv3I9OnqLurGkyj:vqfaKWwZ+yIhiLoGFRvu9J/I9OqL6Gj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6088dfff4d51c3716383ee54e9243a8_JaffaCakes118

Files

b6088dfff4d51c3716383ee54e9243a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4ad333ad3eca2aa4d38b0f1a616bf62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
EnterCriticalSection
GetCommandLineW
GetCurrentThreadId
GetFileSize
GetLocaleInfoW
GetModuleFileNameA
GetShortPathNameA
GetSystemTimeAsFileTime
GetThreadLocale
HeapFree
MoveFileA
ResetEvent
SetEnvironmentVariableA
VirtualAlloc
VirtualFree
WaitForSingleObject
lstrcmpiW

shell32

CommandLineToArgvW
ExtractIconExA
ExtractIconW
SHAddToRecentDocs
SHAppBarMessage
SHCreateDirectoryExA
SHGetDiskFreeSpaceExW
SHGetFolderPathA
SHGetPathFromIDList
ShellExecuteA
ShellExecuteEx
Shell_NotifyIconA
Shell_NotifyIconW

gdi32

Chord
CreateBitmap
CreateICA
CreateICW
DeleteEnhMetaFile
EnumFontsA
ExtCreatePen
GetCurrentObject
GetEnhMetaFilePaletteEntries
GetObjectW
GetPixel
PtInRegion
RectInRegion
SetStretchBltMode
SetWindowExtEx

user32

DrawEdge
DrawIconEx
DrawMenuBar
GetDlgItem
GetFocus
GetPropA
GetScrollInfo
GetSysColor
IsWindowEnabled
OemToCharA
RedrawWindow
SetTimer
WindowFromPoint

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4ad333ad3eca2aa4d38b0f1a616bf62

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

user32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 22KB - Virtual size: 140KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 22KB - Virtual size: 140KB