f6e3b9b03dc26af8f70a8fe07fac177f_JaffaCakes118

General

Target

f6e3b9b03dc26af8f70a8fe07fac177f_JaffaCakes118
Size

977KB
MD5

f6e3b9b03dc26af8f70a8fe07fac177f
SHA1

be1839de04a588e211bc2ee4bd2bb07c0e29cf26
SHA256

6ed4bfe4ea66c8a08a37409eed5f0ba10bf187886f900beac599922150bc4cf0
SHA512

77ab41f9b52c2ba9392a2b5ca340d2dd43ee79e822a3b3849e09a297cc5eb76864430e08ba32aeae454ad94945ad9c2a65becab83ea7b8761d90a23d70bee23a
SSDEEP

24576:6JkGhIysDbuUcbQoInWnLkONGV3MuMgnCFOYU2I:6Jk9hfuUZoLVIm9gC1U2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6e3b9b03dc26af8f70a8fe07fac177f_JaffaCakes118

Files

f6e3b9b03dc26af8f70a8fe07fac177f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f327f57326e16c7624de543e42e9b708

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
CallNextHookEx
EnableMenuItem
SetWindowTextA
CheckMenuItem
ShowWindow
ModifyMenuA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetWindowsHookExA
GetCapture
LoadBitmapA
IsChild
SendDlgItemMessageA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

shlwapi

PathFileExistsA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

kernel32

GlobalAddAtomA
GlobalFree
GetCurrentProcessId
GlobalLock
GlobalUnlock
CreateFileA
GlobalDeleteAtom
FormatMessageA
MulDiv
GetCurrentThreadId
lstrcmpW
SetUnhandledExceptionFilter
FreeResource
GlobalGetAtomNameA
HeapCreate
ReleaseMutex
SetLastError
CreateFiber
CreateMutexA
GetModuleFileNameW
GlobalFindAtomA

comdlg32

GetFileTitleA

sensapi

IsNetworkAlive

tapi32

lineSetAgentState
lineAccept

gdi32

GetWindowExtEx
GetObjectA
CreateBitmap
SetBkColor
RestoreDC
SetMapMode
DeleteObject
SaveDC
GetViewportExtEx
SetTextColor
RectVisible
PtVisible
GetClipBox
TextOutA

shell32

ShellExecuteA
ShellExecuteW

Sections

.text
Size: 622KB - Virtual size: 622KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f327f57326e16c7624de543e42e9b708

Headers

File Characteristics

Imports

user32

winspool.drv

shlwapi

kernel32

comdlg32

sensapi

tapi32

gdi32

shell32

Sections

.text Size: 622KB - Virtual size: 622KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 319KB - Virtual size: 3.6MB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 622KB - Virtual size: 622KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 319KB - Virtual size: 3.6MB

.rsrc
Size: 32KB - Virtual size: 31KB