dceda3954c9ee26b53316ebdbf615f47_JaffaCakes118

General

Target

dceda3954c9ee26b53316ebdbf615f47_JaffaCakes118
Size

87KB
MD5

dceda3954c9ee26b53316ebdbf615f47
SHA1

784ffbaaaca979bfc866497431bd592e237c7d11
SHA256

0f67b14b20c83c48980509576552891ea0e0d0b7fc9242c11208bcd6f83273da
SHA512

3154148b515e063f3d48a298d0170b4dee862cb907b15582c7bc91b201bbe97cb9c4ca103d9e5adf6f6a164140cad82f8ff3001f503dd5c120bad3c529ab228f
SSDEEP

1536:ShROMScpj97Q7MvyuGsE3sCt0h+ygXRlS7gvuosq:SVSGjq7PfVsnghY7gx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dceda3954c9ee26b53316ebdbf615f47_JaffaCakes118

Files

dceda3954c9ee26b53316ebdbf615f47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35453b5f315166218ffb4b2b39bc958a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePalette
CreateCompatibleDC
CreateDIBitmap
CreateBitmap
GetPixel
GetClipBox
CreateHalftonePalette
GetBrushOrgEx
DeleteObject
GetCurrentPositionEx
ExcludeClipRect
DeleteDC
CreateBrushIndirect
CreateDIBSection
CreateFontIndirectA
RestoreDC
CreatePenIndirect
GetBitmapBits
CreateSolidBrush
ExtTextOutA
GetPixel
SetTextColor
CreateCompatibleBitmap
GetDCOrgEx

kernel32

WriteFile
GetStdHandle
Sleep
ReadConsoleA
SetLastError
GetConsoleMode
GetCommandLineA
FindAtomA
OpenFileMappingA
GetComputerNameA
CreateProcessA
DeleteFileW
GetFileTime
FindFirstFileA
DeleteAtom
DeleteFileA
ReadFile
OpenFile
GetFileSize
CreateThread
ExitThread
GetCPInfo
GlobalFree
GetLastError

comctl32

ImageList_Copy
ImageList_LoadImageA
ImageList_Destroy
CreateToolbarEx
MenuHelp
ImageList_GetIcon
DrawStatusTextW
ImageList_Add
CreateStatusWindow
DllGetVersion
DrawStatusText
ImageList_LoadImageW
ImageList_DragEnter
CreateStatusWindowW
CreateMappedBitmap
InitCommonControls
ImageList_DrawEx
ImageList_GetIconSize
ImageList_EndDrag
CreateToolbar
ImageList_Create
ImageList_AddIcon
ImageList_Draw
CreateUpDownControl

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35453b5f315166218ffb4b2b39bc958a

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 50KB - Virtual size: 50KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 5KB

.idata Size: 3KB - Virtual size: 31KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 50KB - Virtual size: 50KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 5KB

.idata
Size: 3KB - Virtual size: 31KB