e1f562428c5646c5d693ab4d44ada303_JaffaCakes118

General

Target

e1f562428c5646c5d693ab4d44ada303_JaffaCakes118
Size

40KB
MD5

e1f562428c5646c5d693ab4d44ada303
SHA1

6d127fc3120e20114a60531698d5d072c9042990
SHA256

67c945b63583d57b5f60cab5b804e4d86dac7c178042b7462ab9fee67a5c1819
SHA512

a26e7fb83fc6a88a9b4fcb647e3fc8d3adbb173b230c778f087d287149a57b136e1288f967b9cdd36b89e9520243da664200da29238e9808dfc133c933ceff05
SSDEEP

768:cp8N41OXoIv0U01GlSBMtyRFDNq6LuuZnS+xsCH5:INO4IvJ01vBMO3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1f562428c5646c5d693ab4d44ada303_JaffaCakes118

Files

e1f562428c5646c5d693ab4d44ada303_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c02bd31a3a8d5769999676badba3e97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryExW
CreateMutexA
CreateMutexW
DeviceIoControl
EnumSystemLocalesA
ExitProcess
FatalExit
FillConsoleOutputAttribute
FindClose
FindResourceExW
FindResourceW
FreeConsole
GetNamedPipeHandleStateA
GetNumberFormatW
GetPrivateProfileSectionNamesW
GlobalAlloc
GlobalWire
IsBadStringPtrW
LoadResource
Module32First
PeekNamedPipe
ResetWriteWatch
RtlFillMemory
SetCommBreak
SetThreadPriority
SetUnhandledExceptionFilter
UTUnRegister
WaitForSingleObjectEx
lstrcatW

user32

CallMsgFilterA
ChangeMenuW
CreateDialogIndirectParamW
DdeAbandonTransaction
DdeUninitialize
DefMDIChildProcW
DrawTextExA
EnumWindows
FlashWindowEx
GetCaretPos
GetParent
GetThreadDesktop
GetUserObjectInformationA
InsertMenuA
InsertMenuW
RealChildWindowFromPoint
SetDlgItemTextA
SetPropA
SetScrollRange
SetUserObjectSecurity
ShowScrollBar

gdi32

AbortPath
Arc
ArcTo
CopyMetaFileW
CreateDIBPatternBrush
CreateEllipticRgn
CreateFontIndirectA
CreatePalette
CreatePenIndirect
DeleteDC
DeviceCapabilitiesExW
DrawEscape
EnumFontsW
GetArcDirection
GetCharWidthW
GetEnhMetaFileA
GetEnhMetaFilePaletteEntries
GetFontData
GetKerningPairsW
GetSystemPaletteEntries
GetTextCharacterExtra
GetViewportExtEx
PlayEnhMetaFile
PolyTextOutW
SetEnhMetaFileBits
SetGraphicsMode
SetPolyFillMode
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c02bd31a3a8d5769999676badba3e97

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 38KB - Virtual size: 44KB

.xdata Size: - Virtual size: 12KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 38KB - Virtual size: 44KB

.xdata
Size: - Virtual size: 12KB

.rsrc
Size: - Virtual size: 4KB