ef650f4f023e1173a49ecefb558c8412_JaffaCakes118

General

Target

ef650f4f023e1173a49ecefb558c8412_JaffaCakes118
Size

211KB
MD5

ef650f4f023e1173a49ecefb558c8412
SHA1

beaec93879fd5cb728506c8ccb39994052ad52fd
SHA256

d5cfe66a3c2ebfdf5be1d52f98b5ce0c98acc8e481714882e79ae6af16309022
SHA512

8c4826e98ac92c07fb4da5d8fdb1deb31177233fb2557491cd67cfd40a0e27d2c3f1d31a7c86088a6a3f0f062891610373adf8d5697b56607111a3fcbd8b7b61
SSDEEP

6144:YM3ZH3KsevTHzsWbof0YhQgPTfj8xOZLMf:YMJXOHzbw5/KOZLMf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef650f4f023e1173a49ecefb558c8412_JaffaCakes118

Files

ef650f4f023e1173a49ecefb558c8412_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3886d1951fc341d9156a046f2aa74b6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ChangeTimerQueueTimer
CloseHandle
LoadLibraryA
WritePrivateProfileStringA
VirtualProtect
SetTapePosition
SetConsoleMaximumWindowSize
DosDateTimeToFileTime
CreateToolhelp32Snapshot
GetCurrentConsoleFont
EnumTimeFormatsA
GetConsoleAliasesW
WriteFileEx
LocalFree
GetThreadTimes
GetProcAddress
ReadConsoleInputExW
SetSystemTime
GlobalHandle
GetConsoleAliasExesLengthW
GlobalUnlock
CompareStringW
EnumLanguageGroupLocalesA
GetSystemInfo
GetLastError
GetCurrencyFormatW
SearchPathW

user32

CopyIcon
SetCursor
GetCursorInfo
MessageBoxW
DestroyWindow
DestroyIcon
EditWndProc
GetKeyState
MenuWindowProcA
SetClipboardData
ShowCursor
GetKBCodePage
GetClipboardViewer
UnlockWindowStation
SetMenuItemInfoA
InternalGetWindowText

gdi32

EndPage
GetCharABCWidthsW
GetTextExtentPoint32W
SetBkColor
SetMapMode
AbortDoc
SetTextAlign
GdiArtificialDecrementDriver
GetCharWidthI
SetArcDirection
GdiIsMetaFileDC
DeleteDC
StartDocW
GdiQueryTable
CreateCompatibleBitmap
ScaleViewportExtEx
GdiGetDC
EngStretchBlt
PATHOBJ_vGetBounds
Polygon
PolyDraw
GdiEntry13
CopyMetaFileW
EngCreateBitmap
PlayEnhMetaFileRecord
GetPixelFormat
GdiGradientFill
TextOutW
GdiGetBatchLimit

comdlg32

GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
GetFileTitleW
dwLBSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
PageSetupDlgA
ChooseColorA
PrintDlgExW
CommDlgExtendedError
PrintDlgA
ReplaceTextA
FindTextW

Sections

.text
Size: 4KB - Virtual size: 1004KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3886d1951fc341d9156a046f2aa74b6e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 1004KB

.data Size: 202KB - Virtual size: 204KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1004KB

.data
Size: 202KB - Virtual size: 204KB

.idata
Size: 2KB - Virtual size: 4KB