bd095b1d7f01654822f30380a5cf3cd9_JaffaCakes118

General

Target

bd095b1d7f01654822f30380a5cf3cd9_JaffaCakes118
Size

130KB
MD5

bd095b1d7f01654822f30380a5cf3cd9
SHA1

fbfed92c8122565eb663fafacd3a03cde45c20c8
SHA256

47efe07a9990304ed7d80b82deddf0d53d36e8372fd83014d582cf5ee6901705
SHA512

56ea7d7c3d7c1b4450870603e2a665ec186bdfd02eea4c048ab8436c2efb8f7666708f8be6894f66b0e099b1b0a9fc71b78d2eefb60afaaf4bd09a28d732cde3
SSDEEP

1536:NhWF/KXs7hEGL6SjyDOzVeB3KnBdDmbn+bYeLHt6QI8XL3e46Yf59W5TM8oACn/n:jWF/KGhzxeSXYfQIEe46ASTuF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd095b1d7f01654822f30380a5cf3cd9_JaffaCakes118

Files

bd095b1d7f01654822f30380a5cf3cd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc48affbcdbd338e2273b58924898a45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

OffsetViewportOrgEx
MoveToEx
CreateRectRgn
SaveDC
LineTo
GetStockObject
Chord
PlayEnhMetaFile
GetBrushOrgEx
GetPixel
BeginPath
SetColorSpace
CreateBitmap
CreateCompatibleBitmap
DeleteDC
CreatePen
StretchBlt
Rectangle
GetCharWidth32A
GetPaletteEntries
MaskBlt
GetEnhMetaFilePaletteEntries
GetDIBColorTable
GetDCOrgEx
SetViewportOrgEx
SelectPalette
GetDeviceCaps
PtVisible
UnrealizeObject
SetMapMode
GetTextMetricsA
StartPage
SelectClipPath
DeleteObject
RectVisible
ScaleViewportExtEx
SetBkMode
SetStretchBltMode
SelectObject
EndDoc
EndPath
SetROP2
SetWindowExtEx
BitBlt
CreatePatternBrush
SetTextColor
LPtoDP
RestoreDC
EndPage

user32

CharNextA

kernel32

GetCurrentThreadId
GetUserDefaultLangID
SetLastError
GetCommandLineW
GetThreadLocale
lstrcmpA
GetModuleHandleA
GetModuleHandleW
GetConsoleOutputCP
GetCurrentThread
SetCurrentDirectoryA
lstrlenA
GlobalFindAtomA
lstrlenW
RemoveDirectoryA
CopyFileA
lstrcmpiW
DeleteFileW
GetCurrentProcess
DeleteFileA
GetVersion
GetTickCount
MulDiv
GetACP
VirtualAlloc
IsDebuggerPresent
GetOEMCP
GetCommandLineA
lstrcmpiA
GetProcessHeap
GlobalFindAtomW
GetCurrentProcessId

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc48affbcdbd338e2273b58924898a45

Headers

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 16KB - Virtual size: 15KB