c045a47db575549734821c79c5686161_JaffaCakes118

General

Target

c045a47db575549734821c79c5686161_JaffaCakes118
Size

84KB
MD5

c045a47db575549734821c79c5686161
SHA1

9ae6d8fa07bed0f366736f12a8d0117b1463d6c2
SHA256

6aaec30306094d5128af35b24d7e0fecdf089813b46bafa8dc89caff899c5378
SHA512

3966031a5bfe189417838a8edc7b6e3a1190c05262a7935ad8d6379335c0b6acdef5e096147cf712f5e150e752013f1ea8cf85df118f792ed231043099828776
SSDEEP

1536:9KIapt7z5ta48T2sSOEAhgrtyVZo4v0GGx4+7QYTxs10QFjw+iy2LM8uQdSBe:uptO7SOERrty/70GGxpQFViFLM8N4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c045a47db575549734821c79c5686161_JaffaCakes118

Files

c045a47db575549734821c79c5686161_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d03785d401c7e27e5938517a66279d6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetFocus

python23

PyModule_GetDict
PyMarshal_ReadObjectFromString
PySequence_Size
PySequence_GetItem
PyCode_Type
PyEval_EvalCode
PyErr_Print
PySys_SetArgv
Py_FdIsInteractive
PyRun_InteractiveLoop
Py_Finalize
Py_SetPythonHome
PyImport_AddModule
Py_OptimizeFlag
Py_SetProgramName
Py_Initialize
Py_GetPath
_Py_TrueStruct
PySys_SetObject
PyString_FromString
PyImport_ImportModule
PyCFunction_NewEx
PyObject_SetAttrString
PyArg_ParseTuple
PyInt_FromLong
PyRun_SimpleString
Py_NoSiteFlag

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_iob
strrchr
sprintf
_snprintf
strncpy
__p___argc
__p___argv
getenv
_putenv

kernel32

GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
GetLastError
FindResourceA
LoadResource
LockResource
GetFullPathNameA
FormatMessageA
LocalFree
lstrlenA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d03785d401c7e27e5938517a66279d6b

Headers

File Characteristics

Imports

user32

python23

msvcrt

kernel32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 68KB - Virtual size: 64KB