da15f998b0f9dc2cb0052e3fba1fa658_JaffaCakes118

General

Target

da15f998b0f9dc2cb0052e3fba1fa658_JaffaCakes118
Size

227KB
MD5

da15f998b0f9dc2cb0052e3fba1fa658
SHA1

b61a9288074334517d0fe73a37f4956e08a6ad7e
SHA256

226694f4d3bbc75c40202d75d3e24bb3fd4a070a180c66e7b3c9bb71861a5971
SHA512

1d8914fd83efa8bb144f250fcf73720f69769424caf779320735b333076289014df194da531ec4c39acb991f0c7e409af67c33a27d14b72e7f1f761dabbef060
SSDEEP

6144:cNCG+CD4XA8IGFmYR8nQhLoNDLdLbKPa/eeL8mG:cWVXBWTLOa/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da15f998b0f9dc2cb0052e3fba1fa658_JaffaCakes118

Files

da15f998b0f9dc2cb0052e3fba1fa658_JaffaCakes118
.exe windows:4 windows x86 arch:x86

529aad974a56406ab25c5b7ff3403c5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

BackupWrite
EnumResourceLanguagesW
ExitProcess
GetBinaryTypeA
GetCommandLineW
GetConsoleScreenBufferInfo
GetFileType
GetLogicalDriveStringsA
GetNamedPipeInfo
GetPrivateProfileSectionW
GetProcessTimes
GetStdHandle
GetTempPathW
GetWindowsDirectoryW
GlobalLock
LocalLock
MoveFileW
OpenEventW
OpenFileMappingW
RaiseException
SearchPathW
SetConsoleCtrlHandler
SetConsoleScreenBufferSize
SetUnhandledExceptionFilter
TryEnterCriticalSection
VirtualQueryEx
WriteConsoleW
_lwrite
lstrcmpA
lstrlen

user32

BringWindowToTop
CharToOemBuffA
CloseDesktop
DdeConnect
DdeInitializeW
DrawFocusRect
EnumThreadWindows
GetClassInfoW
GetIconInfo
GetListBoxInfo
GetSysColor
GetUpdateRgn
InsertMenuItemW
IsCharAlphaNumericA
LoadKeyboardLayoutA
MapWindowPoints
MessageBoxW
MonitorFromRect
MoveWindow
OpenIcon
RegisterClipboardFormatW
ShowCursor
SystemParametersInfoA
VkKeyScanA
WindowFromDC

gdi32

ColorMatchToTarget
CreateFontA
CreateICW
DeviceCapabilitiesExW
EnumObjects
FixBrushOrgEx
GetBitmapBits
GetCharWidth32A
GetDCOrgEx
GetDIBColorTable
GetICMProfileW
GetKerningPairsW
GetTextCharset
GetTextExtentExPointA
GetWindowOrgEx
GetWorldTransform
PathToRegion
Polyline
ResetDCW
RestoreDC
ScaleViewportExtEx
SelectClipPath
SetColorSpace
SetICMProfileW

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 225KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

529aad974a56406ab25c5b7ff3403c5b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 225KB - Virtual size: 240KB

.idata Size: - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 212KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 225KB - Virtual size: 240KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 212KB