e250294601c6d993ac7a5d314c39c8a4_JaffaCakes118

General

Target

e250294601c6d993ac7a5d314c39c8a4_JaffaCakes118
Size

38KB
MD5

e250294601c6d993ac7a5d314c39c8a4
SHA1

d7e4ee40a784793cf8a53b8a1c2d893edfe2df52
SHA256

4313167a8fc5bfcd0cf40b46e9e3d7e729361a7341c5ed080423074584e4a258
SHA512

ac56332328bf16303e9c56eaff27c9a89179bbf6e48d6ad7f2f81232d1cebba618e279d81142d8402d75e6f09762c229a08b90d2e9fb754b0a7eae9203762bee
SSDEEP

768:AVnN7AvQusypHDBfEyvDwcR3wBOhjBYx6KF:ALskytB1v0cRgBkmEo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e250294601c6d993ac7a5d314c39c8a4_JaffaCakes118

Files

e250294601c6d993ac7a5d314c39c8a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8f9af072784dd2cb171ebfdf5b90489

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
GetCommandLineA
GetFileSize
GetFileType
GetProcAddress
LoadLibraryA
ReadFile
SetEndOfFile
SetFilePointer
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WriteFile

user32

BeginPaint
CreateWindowExA
DestroyCursor
DestroyWindow
EndPaint
ExitWindowsEx
FindWindowExA
GetCapture
GetCursorPos
GetDC
GetDesktopWindow
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowTextA
GetWindowTextLengthA

gdi32

CombineRgn
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetPixel
GetStockObject
SaveDC
SelectObject
SetBkColor
SetBkMode
SetBrushOrgEx
SetPixel
SetPixel
SetStretchBltMode
SetTextColor
SetWindowOrgEx
StretchBlt
TextOutA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f9af072784dd2cb171ebfdf5b90489

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 8KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

CODE Size: 13KB - Virtual size: 16KB

CODE Size: 14KB - Virtual size: 24KB

.text
Size: 8KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

CODE
Size: 13KB - Virtual size: 16KB

CODE
Size: 14KB - Virtual size: 24KB