cfe70396f5dc980480d36eab18dda51b_JaffaCakes118

General

Target

cfe70396f5dc980480d36eab18dda51b_JaffaCakes118
Size

349KB
MD5

cfe70396f5dc980480d36eab18dda51b
SHA1

b233ee18245fee69934b05a3dd644c0685182892
SHA256

96c7a39cf174c6d3a5ed958186052336c7f4250daaaaed64d40f0c42cc65dc33
SHA512

a982fb5145126927f6dbc4b6f32e52806518c052c6a0fdd6b74559b8751a800cbe9671e6fba3e4ce625a9f9edfb9acd96d3def42b946f301c27554478c05ea16
SSDEEP

6144:0O/8eoYsXQfzCwA1OYup3lJYdDVkYcROZlZTJ6:034uHO3Gd2YcROb6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfe70396f5dc980480d36eab18dda51b_JaffaCakes118

Files

cfe70396f5dc980480d36eab18dda51b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c416fd8c0e7029129de77001c11c108

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Arc
CloseMetaFile
CopyMetaFileW
CreateICW
DeleteDC
EndDoc
EnumFontFamiliesExA
EnumFontFamiliesW
ExtEscape
ExtFloodFill
FillPath
GetBitmapBits
GetBrushOrgEx
GetCharacterPlacementA
GetClipBox
GetTextExtentPointW
GetTextFaceA
Pie
RectVisible
SelectClipPath
SetBrushOrgEx
SetColorAdjustment
SetDIBits
SetTextColor
StartDocW

kernel32

CreateFileA
DeleteFileA
ExitProcess
FormatMessageA
FreeEnvironmentStringsW
GetACP
GetConsoleOutputCP
GetCurrentProcess
GetDriveTypeA
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetStringTypeW
GetSystemDirectoryA
GetTempPathA
GetTempPathW
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
HeapFree
OpenProcess
ReadFile
RtlUnwind
SetEnvironmentVariableA
TerminateProcess
TlsFree
lstrcatA
lstrcmpiW

user32

CheckMenuItem
CreatePopupMenu
DestroyWindow
EnumWindows
GetScrollInfo
GetScrollPos
GetSystemMetrics
GetWindowDC
IntersectRect
IsZoomed
LoadBitmapA
RegisterClipboardFormatA
ScrollWindow
SendDlgItemMessageA
TranslateMessage
UpdateWindow

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

6CMKnA8X
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c416fd8c0e7029129de77001c11c108

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

6CMKnA8X Size: 140KB - Virtual size: 140KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

6CMKnA8X
Size: 140KB - Virtual size: 140KB