bbb52a6fe8dfbf67b1eeba4cf2196da5_JaffaCakes118

General

Target

bbb52a6fe8dfbf67b1eeba4cf2196da5_JaffaCakes118
Size

88KB
MD5

bbb52a6fe8dfbf67b1eeba4cf2196da5
SHA1

6746441c0f5efc6ba9be3eab076281ceaba74b6b
SHA256

d8d61ba7c78507127fe721ed26325af264e018326c1f38869bfaa0f251367f0b
SHA512

f9a1fcdaa4dc6997e1db65c465bcb83271a930c9a3163fcc6240b86b15dd44ad812af15b64cfdd261e5ccfbb278919aae8c26f6220240c6b6644087e1fd5a7ee
SSDEEP

1536:X+XZ3qyIZsgjF1wHE4ltmOhV8n1xNeE41E26zBS5hMfv2Dh9i:X+XZxusg/+EOmOhqT8E4e1BSTMf+Dh9i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbb52a6fe8dfbf67b1eeba4cf2196da5_JaffaCakes118

Files

bbb52a6fe8dfbf67b1eeba4cf2196da5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1f2e053afbfe83013973f8b22066f36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
ChooseFontW

user32

DrawIconEx

kernel32

HeapReAlloc
SystemTimeToFileTime
SetThreadAffinityMask
SetFileApisToANSI
SetDefaultCommConfigA
BeginUpdateResourceA
CloseHandle
EnumSystemLanguageGroupsA
ExitProcess
GetACP
GetAtomNameW
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetThreadPriorityBoost
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapCreate
MapUserPhysicalPages

ole32

CoCreateInstance
CLSIDFromString
StringFromGUID2

dbghelp

vc7fpo
SymSetSearchPath
SymSetContext
SymGetModuleBase
SymGetLineFromName
ImagehlpApiVersion
ImageRvaToSection
FindFileInSearchPath
FindFileInPath
DbgHelpCreateUserDumpW

comctl32

UninitializeFlatSB
FlatSB_ShowScrollBar
FlatSB_SetScrollRange
InitializeFlatSB
ImageList_SetFlags
ImageList_ReplaceIcon
GetMUILanguage
ImageList_LoadImageA
ImageList_GetIcon
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_DragMove
ImageList_Add
FlatSB_GetScrollPos

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1f2e053afbfe83013973f8b22066f36

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

ole32

dbghelp

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB