da6b20fc9cbb900c54179ac848270922_JaffaCakes118

General

Target

da6b20fc9cbb900c54179ac848270922_JaffaCakes118
Size

57KB
MD5

da6b20fc9cbb900c54179ac848270922
SHA1

4f669b8b23e57d25963177923539b94a9d7f9a74
SHA256

d0a4315fed29fac8394fba27c60b06d98319aa579470e88367ce03851b118ee0
SHA512

dda8924c906b33a23e0da88592730844af3cc37a86fc19e9fa1320b8a16fbf5117bdb2c4b4b89c9669f25cc25fe878b7aeae235f9d5e91acd5d1e65df9a81e4a
SSDEEP

1536:GRvAp4lDt/QpML9vF3M8EqwnkFDCCthvO7Fi4y5XTo5KP:GAmtt/QpW9WDK+IvO7E4aTo5KP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da6b20fc9cbb900c54179ac848270922_JaffaCakes118

Files

da6b20fc9cbb900c54179ac848270922_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f62f0f38a62fb5f6cba23a22f8862e43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
CreateSemaphoreA
CreateSemaphoreW
DefineDosDeviceA
DeleteFiber
EnumSystemLocalesW
ExitProcess
FlushViewOfFile
GetCompressedFileSizeW
GetComputerNameA
GetPrivateProfileSectionNamesA
GetPrivateProfileStructW
GetProcessHeaps
GetProcessTimes
GetShortPathNameA
GetSystemDefaultLangID
GetThreadLocale
GetUserDefaultLCID
GlobalFindAtomA
GlobalLock
LocalFlags
OpenSemaphoreW
OpenWaitableTimerW
ReadConsoleInputW
SetFileTime
SetThreadPriority
Thread32First
UnmapViewOfFile
_lread

user32

CreateIconFromResource
CreateIconFromResourceEx
DdeCreateDataHandle
DrawFocusRect
EnumClipboardFormats
EnumDesktopsA
EnumThreadWindows
FindWindowA
GetForegroundWindow
GetWindowDC
GetWindowWord
GrayStringW
IMPQueryIMEW
IsWindowVisible
LoadAcceleratorsW
MessageBoxIndirectW
PaintDesktop
PeekMessageA
RegisterClipboardFormatW
RegisterSystemThread
SetClassLongW
SetDebugErrorLevel
SystemParametersInfoW
TrackMouseEvent
TranslateMDISysAccel

gdi32

AnimatePalette
DeviceCapabilitiesExA
Ellipse
EnumFontFamiliesExW
GetBrushOrgEx
GetDCOrgEx
GetFontData
GetFontLanguageInfo
GetICMProfileA
GetROP2
GetTextAlign
GetTextFaceA
OffsetRgn
PolyTextOutA
RemoveFontResourceA
SetDIBits
SetDIBitsToDevice
SetICMProfileW
SetTextJustification
TextOutA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f62f0f38a62fb5f6cba23a22f8862e43

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 8KB - Virtual size: 24KB

.idata Size: - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 12KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 24KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 12KB