d1e7e04d0ef494e099c75f46017f2192_JaffaCakes118

General

Target

d1e7e04d0ef494e099c75f46017f2192_JaffaCakes118
Size

209KB
MD5

d1e7e04d0ef494e099c75f46017f2192
SHA1

1d72de3db1448f14f3188a399181fb613b380bc1
SHA256

e02e6f49f8f42f4d2248558c56ab1046820e1af234753161308c8597cb809bec
SHA512

21e826d589fbd25a6947c6397fbef3e85a4d13d905eaae18e9e9575deb163015119314bb26490a1727700f69d0bfdd43e34cea2f1a43800a4b6ca582372380b3
SSDEEP

3072:6TWYEA0RMKMCj+WrB7J9jMX9+vvXke84VYNRPewkgq+A7mPdyZL27Sb748:CWIuMyrBlNDvUe8XR2wnqH7e6q7Sbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1e7e04d0ef494e099c75f46017f2192_JaffaCakes118

Files

d1e7e04d0ef494e099c75f46017f2192_JaffaCakes118
.exe windows:4 windows x86 arch:x86

406d1e5acee30478ac6f992d5d45d7ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BeginPath
BitBlt
CloseEnhMetaFile
CopyEnhMetaFileA
CreateCompatibleBitmap
GetObjectA
GetRegionData
GetTextExtentPoint32W
Polyline
SetMetaFileBitsEx
StrokeAndFillPath
TranslateCharsetInfo

shell32

DragAcceptFiles
ExtractIconExW
SHGetFileInfo
ShellExecuteEx

user32

EnableWindow
GetScrollInfo
GetSysColorBrush
GetSystemMetrics
GetWindow
IsDialogMessageA
OffsetRect
ReleaseCapture
SendDlgItemMessageA
SetActiveWindow
SetWindowTextA
ShowCursor
ShowWindow
SystemParametersInfoA
WindowFromPoint

kernel32

CreateEventA
DeleteFileW
DisableThreadLibraryCalls
GetFileSize
GetFileTime
GetFullPathNameA
GetStringTypeA
GetTimeZoneInformation
GlobalAlloc
InterlockedIncrement
IsBadWritePtr
IsDBCSLeadByte
LoadResource
ResumeThread
RtlUnwind
WaitForMultipleObjects

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vOmBPtJS
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

406d1e5acee30478ac6f992d5d45d7ec

Headers

File Characteristics

Imports

gdi32

shell32

user32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

vOmBPtJS Size: 1024B - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

vOmBPtJS
Size: 1024B - Virtual size: 120KB