c200015283a51149c4591c44b4365370_JaffaCakes118

General

Target

c200015283a51149c4591c44b4365370_JaffaCakes118
Size

41KB
MD5

c200015283a51149c4591c44b4365370
SHA1

e7a691e7efcdb8bc12bba1f669b3d89cbc32a897
SHA256

e2622f51f72b41901daff09c3b45bbbaf2d4e0131248e266eec5b27a7bc6a6de
SHA512

33d45cf3b9104c69201660833e4a2abed708061dcbbafc8509ccafc224e6a9cc52a6c535d7d4cf1ee42f4dbf3df2faab2a5a289e31edc63a1483b44c38ec03d1
SSDEEP

768:wYLK7opwAf8OKcm3MnEXggGetzN3cdgCfDcfMR9uTkCXTfLuO+iiYs5BAhYq03zW:wYLK8RqhtzN3wfIfMn+jFiwhYqsUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c200015283a51149c4591c44b4365370_JaffaCakes118

Files

c200015283a51149c4591c44b4365370_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d014937fb2bf943ba3f0682828bc27fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsW
CloseHandle
CreateFileA
EnumTimeFormatsW
ExitProcess
FillConsoleOutputCharacterW
FindNextFileA
GetComputerNameA
GetConsoleCP
GetCurrentProcess
GetDevicePowerState
GetNumberFormatA
GetPrivateProfileSectionA
GetStringTypeA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
Process32Next
RtlUnwind
SetComputerNameA
SetConsoleWindowInfo
SwitchToFiber
VirtualQuery
_lwrite

user32

AppendMenuA
CascadeChildWindows
ChangeDisplaySettingsExW
ChildWindowFromPointEx
CloseDesktop
DdeDisconnectList
DragDetect
EndDialog
GetClassInfoExW
GetClassLongW
GetKeyboardLayoutNameA
GetMenu
GetWindowDC
IsZoomed
LoadBitmapA
LoadCursorFromFileW
LoadCursorW
OpenDesktopA
RealChildWindowFromPoint
RegisterTasklist
SetRectEmpty
SetUserObjectInformationW
ShowCursor
SubtractRect
WaitForInputIdle
keybd_event

gdi32

ChoosePixelFormat
CreateEnhMetaFileW
CreateFontIndirectW
CreateMetaFileW
EnableEUDC
EndPath
ExtCreateRegion
GetCharABCWidthsW
GetCharacterPlacementW
GetClipRgn
GetNearestColor
GetObjectW
GetRegionData
ModifyWorldTransform
PolyTextOutA
SelectObject
SelectPalette
SetGraphicsMode
SetICMMode
SetMapperFlags
TextOutA
TextOutW

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d014937fb2bf943ba3f0682828bc27fe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 39KB - Virtual size: 52KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 39KB - Virtual size: 52KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 8KB