cfa2d7a4baa702d257f90250c3fad208_JaffaCakes118

General

Target

cfa2d7a4baa702d257f90250c3fad208_JaffaCakes118
Size

210KB
MD5

cfa2d7a4baa702d257f90250c3fad208
SHA1

bf6f14f81094de3a66da5b5d0d02bf7386744c2c
SHA256

c4e7bfd0f730b146379ce372dcab6b7ed3c2440e46d88bb1d1653ade42292c26
SHA512

95697392dbac56b1d5d2e3cbfa131e2ea498c9f6e7de1b2312695ae058e3eaf5b9f25ba4392592bcef57b42f4b2b0e8e500f88306734fda9f083a5f2570680eb
SSDEEP

6144:nR+KtWO7JcmgXU+3ksr2N/8M46WALfl+N:nR0/mgXssg/8MlrLt+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfa2d7a4baa702d257f90250c3fad208_JaffaCakes118

Files

cfa2d7a4baa702d257f90250c3fad208_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbd8d14943492e4e66dd1405390a46b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerA
CloseClipboard
DestroyIcon
DestroyMenu
EmptyClipboard
GetClassInfoA
GetDCEx
GetFocus
GetKeyState
GetMenuStringA
GetWindowPlacement
GetWindowThreadProcessId
IsChild
IsIconic
IsZoomed
KillTimer
OpenClipboard
PeekMessageA
SendDlgItemMessageA
SendMessageA
SetPropA
SetScrollInfo
UnregisterClassA
WindowFromPoint

kernel32

CopyFileA
FileTimeToLocalFileTime
FindFirstFileW
GetFileSize
GetTempPathA
GetTempPathW
GetVersionExW
GetWindowsDirectoryA
GlobalLock
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
IsDBCSLeadByte
IsValidCodePage
RtlUnwind
SetEndOfFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA

gdi32

ArcTo
CreateCompatibleBitmap
CreateEnhMetaFileA
CreateHalftonePalette
CreateSolidBrush
DeleteDC
EnumFontFamiliesExW
ExcludeClipRect
GdiFlush
GetBrushOrgEx
GetEnhMetaFileDescriptionA
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsA
GetViewportExtEx
InvertRgn
LPtoDP
PlayMetaFile
SelectClipPath
SetStretchBltMode
SetWinMetaFileBits
StartDocA
StartDocW
StretchDIBits
TextOutA
TextOutW

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

2FLmNXvi
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbd8d14943492e4e66dd1405390a46b2

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

2FLmNXvi Size: 512B - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

2FLmNXvi
Size: 512B - Virtual size: 120KB