b9200345abf9b4437a1b9d2c4d534fa9_JaffaCakes118

General

Target

b9200345abf9b4437a1b9d2c4d534fa9_JaffaCakes118
Size

43KB
MD5

b9200345abf9b4437a1b9d2c4d534fa9
SHA1

bbb192985ab1cf68b5a346f68026a9c00f2f360b
SHA256

2691fbeeede6544c80a3f00ca53e5338535db662d1aa4839aec905cb5fba16a8
SHA512

0ff52ba5300e3159669e7ad2f1803e0a66eef44fcd3f233f85ebc4f03bd196690c9b67a467939099d716bf7ffc026e969a533c00a7af1ec408835cc47a39f404
SSDEEP

768:iSbOle4than9GAaO6/2A6hTyX9Ulgmh+Vtgc9fqC5ijppeE4xpk5UVq0+Oym4YM:Db7oQ94/2AFUlgSIP9frijppN884ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9200345abf9b4437a1b9d2c4d534fa9_JaffaCakes118

Files

b9200345abf9b4437a1b9d2c4d534fa9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bee0a9778fe1ed1b2eb1d88002a31f4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
CreateConsoleScreenBuffer
ExitProcess
FlushInstructionCache
GetCommMask
GetCommTimeouts
GetEnvironmentStrings
GetNamedPipeHandleStateW
GlobalCompact
LocalLock
ReadConsoleOutputA
SetErrorMode
SetProcessShutdownParameters
SetThreadLocale
TlsFree
VerLanguageNameA
WriteConsoleW
WritePrivateProfileStringW
_hread
lstrcmpW

user32

BringWindowToTop
CloseWindowStation
DdeCreateDataHandle
DdeUnaccessData
DefDlgProcW
DefMDIChildProcW
DrawCaption
EnumDisplayDevicesA
EnumPropsA
GetAncestor
GetClipboardSequenceNumber
GetMenuBarInfo
GetUserObjectInformationA
GetWindowContextHelpId
GetWindowTextA
IsDialogMessageA
LoadAcceleratorsA
LoadImageW
LockWindowUpdate
LookupIconIdFromDirectory
MessageBoxExW
OemToCharA
RegisterClassExW
SetMessageExtraInfo
UnhookWinEvent

gdi32

AbortDoc
CloseFigure
CopyMetaFileA
CreateBrushIndirect
CreateDCW
CreateEllipticRgnIndirect
CreateHatchBrush
CreateICA
DPtoLP
DeviceCapabilitiesExA
EnableEUDC
ExtSelectClipRgn
GetBoundsRect
GetCharWidthA
GetFontLanguageInfo
GetMetaFileBitsEx
GetTextExtentPoint32A
GetTextFaceW
SetColorSpace
SetDeviceGammaRamp
SetICMProfileW

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bee0a9778fe1ed1b2eb1d88002a31f4d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 42KB - Virtual size: 48KB

.rdata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 42KB - Virtual size: 48KB

.rdata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 12KB