deeaf9907da274160e9e7c3841926843_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

deeaf9907da274160e9e7c3841926843_JaffaCakes118
Size

102KB
MD5

deeaf9907da274160e9e7c3841926843
SHA1

ec03244df63848c7b9e18691a7099f536a07ac6f
SHA256

0e4b2166c8b7df190151ad8cb6c20fa6d9b8d0c96ded767b9507a4b1266d17a5
SHA512

af4f750806adb2e620e7aa7c6dd559e565f069b929a90ef6b20543aba8a99261bbd7966b6a470585ec311480f3a294c2bfe9df08610a2c520adfce1b37fd4615
SSDEEP

3072:Axkzf5T/x5ZxlTf4Q/zvLeIIFrLDLeBcb:AGT5Fb3gFjLe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deeaf9907da274160e9e7c3841926843_JaffaCakes118

Files

deeaf9907da274160e9e7c3841926843_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4d80d11ae07e3a24073e5420256221c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

HWS8dXz9.pdb

Imports

msvcrt

malloc

user32

GetActiveWindow
ShowScrollBar
GetFocus
SetMenu
GetMenuDefaultItem
SetTimer
GetThreadDesktop
GetTitleBarInfo
DdeSetUserHandle

winscard

SCardConnectW

shlwapi

PathRemoveFileSpecA

kernel32

FindNextChangeNotification
FreeUserPhysicalPages
IsNLSDefinedString
GetNamedPipeInfo
GetCommandLineA
GetConsoleMode
GetFileType
GetConsoleScreenBufferInfo
GetCurrentThreadId
GetStdHandle

rpcrt4

RpcBindingInqAuthInfoExW

gdi32

GetTextExtentExPointI
SetRectRgn

Sections

.code
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt0
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=LskM
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rCPikXCM
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d80d11ae07e3a24073e5420256221c7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

winscard

shlwapi

kernel32

rpcrt4

gdi32

Sections

.code Size: 17KB - Virtual size: 17KB

.qdata Size: 1024B - Virtual size: 886B

.rdata Size: 2KB - Virtual size: 1KB

.crt0 Size: 20KB - Virtual size: 24KB

=LskM Size: 28KB - Virtual size: 27KB

rCPikXCM Size: 25KB - Virtual size: 24KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 552B

.code
Size: 17KB - Virtual size: 17KB

.qdata
Size: 1024B - Virtual size: 886B

.rdata
Size: 2KB - Virtual size: 1KB

.crt0
Size: 20KB - Virtual size: 24KB

=LskM
Size: 28KB - Virtual size: 27KB

rCPikXCM
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 552B