ebaa37ebe33daf3b3c931be7e43dd369_JaffaCakes118

General

Target

ebaa37ebe33daf3b3c931be7e43dd369_JaffaCakes118
Size

44KB
MD5

ebaa37ebe33daf3b3c931be7e43dd369
SHA1

812fa39e8ca2c8b98268d71d3908840da51520fd
SHA256

ef58b28a2e7bfe9e3f7149163ca88d71e3d91769f3a43bac742718f4d088ae68
SHA512

09748f96fcd631afc127d7801d87dc7a668a652ee5024ad5b7db9b9093b7fd82c868d044cdf2eeb0487b80e09f13c601394ec1ee99bcc6f3a4f7ca18e792d14d
SSDEEP

768:VcPKxVu1un2xOUwLByX2FhW+GWOskRf0D/vK9MYYJh6HQ0+aTh9hX68:VcSf9n2nUyX2FYskRfinEMYi6rr1DXR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebaa37ebe33daf3b3c931be7e43dd369_JaffaCakes118

Files

ebaa37ebe33daf3b3c931be7e43dd369_JaffaCakes118
.exe windows:4 windows x86 arch:x86

802ac71e7deda78e81a392cddf74264f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
SetTermsrvAppInstallMode
GetCPInfo
SetThreadAffinityMask
FormatMessageA
DisconnectNamedPipe
FindVolumeMountPointClose
GetComputerNameA
DuplicateHandle
VerifyVersionInfoW
FreeLibraryAndExitThread
UpdateResourceA
ReadConsoleInputW
GetLongPathNameA
GetConsoleKeyboardLayoutNameA

user32

SystemParametersInfoA
GetMenuItemInfoW
GetShellWindow
LoadMenuIndirectW
ValidateRect
OemToCharBuffW
SetWindowPlacement
mouse_event
SetDebugErrorLevel
IntersectRect
GetTabbedTextExtentW
GetClassNameA
DrawCaptionTempW
RegisterLogonProcess
DrawEdge
keybd_event
DdeQueryStringA
DefMDIChildProcW
GetMouseMovePointsEx
DestroyMenu
GetCaretBlinkTime
ReuseDDElParam
CharUpperBuffA
CharToOemW
ScrollChildren
GetMessagePos
ScrollDC
PeekMessageW
DrawFrame
GetClassInfoA
CallMsgFilterW
DestroyAcceleratorTable
HideCaret
CloseDesktop
GrayStringA
SetMenuContextHelpId
EnumWindowStationsW

gdi32

GetWindowExtEx
CancelDC
GdiEndPageEMF
GetDCPenColor
CopyEnhMetaFileW
GetCharWidthFloatA
FONTOBJ_pQueryGlyphAttrs
GdiEntry14
GetFontLanguageInfo
GdiConvertAndCheckDC
InvertRgn
ExtCreatePen
AddFontResourceW
GetGlyphOutlineA

comdlg32

dwLBSubclass
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextA
PrintDlgExW
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseFontA
GetFileTitleW
FindTextW
PageSetupDlgA
PrintDlgA
ChooseColorA
CommDlgExtendedError

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

802ac71e7deda78e81a392cddf74264f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 4KB