dcc01d9df6cf02b2e4c138770b8bf5fd_JaffaCakes118

General

Target

dcc01d9df6cf02b2e4c138770b8bf5fd_JaffaCakes118
Size

88KB
MD5

dcc01d9df6cf02b2e4c138770b8bf5fd
SHA1

3a461865d9bb2ed2e382b27af5f3f2f252683a5b
SHA256

54f0cf3e016b632cc0058e35453f747287e4d7c90f64122c2dedf034eecf5eee
SHA512

ae75a58a212ad6b3fd597aa2f256d54d3b67fd21512a403cce8bb1e9bb2cc4a0fd500de84771f25091bb60132edf68b10538d076c5f40334adfd2f12f1c02a76
SSDEEP

1536:AgIapt9ziJ/VfyFLS22ESQFjw+iy2LM8uQdJt5dgF8JxtaRewfxV+taRw2DQfeFL:tptkvfWLS22ESQFViFLM8NDVgF8hagwz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcc01d9df6cf02b2e4c138770b8bf5fd_JaffaCakes118

Files

dcc01d9df6cf02b2e4c138770b8bf5fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d03785d401c7e27e5938517a66279d6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetFocus

python23

PyModule_GetDict
PyMarshal_ReadObjectFromString
PySequence_Size
PySequence_GetItem
PyCode_Type
PyEval_EvalCode
PyErr_Print
PySys_SetArgv
Py_FdIsInteractive
PyRun_InteractiveLoop
Py_Finalize
Py_SetPythonHome
PyImport_AddModule
Py_OptimizeFlag
Py_SetProgramName
Py_Initialize
Py_GetPath
_Py_TrueStruct
PySys_SetObject
PyString_FromString
PyImport_ImportModule
PyCFunction_NewEx
PyObject_SetAttrString
PyArg_ParseTuple
PyInt_FromLong
PyRun_SimpleString
Py_NoSiteFlag

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_iob
strrchr
sprintf
_snprintf
strncpy
__p___argc
__p___argv
getenv
_putenv

kernel32

GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
GetLastError
FindResourceA
LoadResource
LockResource
GetFullPathNameA
FormatMessageA
LocalFree
lstrlenA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d03785d401c7e27e5938517a66279d6b

Headers

File Characteristics

Imports

user32

python23

msvcrt

kernel32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 72KB - Virtual size: 71KB