f567fc8476bec7af2996b8cff6e58841_JaffaCakes118

General

Target

f567fc8476bec7af2996b8cff6e58841_JaffaCakes118
Size

44KB
MD5

f567fc8476bec7af2996b8cff6e58841
SHA1

8fce5ef15100aeab46327bce2ef0e1265e93897d
SHA256

5711888482649e9aa687f428a25d5ef93fcb2b1f6aa61fb5f013769a5448f60f
SHA512

58e0ce8501c2de366a8916c95c835c7d48df96d8e47c7a256f2adb41f518d79c0a6509381fe44c99a131899aa51993b6946f12f80ddf9e53721ac959370a37e6
SSDEEP

768:VoQm5pVu1us2CBRdqPGSrF6QBeHmjKfohnHeiNGuuDV:V9mV9s2CRdqLZ6QYHJu4DV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f567fc8476bec7af2996b8cff6e58841_JaffaCakes118

Files

f567fc8476bec7af2996b8cff6e58841_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30976b4d9af5ff4e30f60f760462cec3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
VirtualProtect
GetConsoleFontInfo
GetNumberOfConsoleMouseButtons
FindFirstVolumeA
GetComputerNameW
FreeEnvironmentStringsW
Heap32ListNext
AddConsoleAliasW
GetLastError
GetConsoleMode
CompareStringW

user32

ScrollWindowEx
DestroyMenu
UpdatePerUserSystemParameters
EnumDesktopsA
GetDesktopWindow
DeviceEventWorker
SendMessageW
ScrollDC
GetMenuInfo
GetMenuItemInfoA
CloseWindowStation

gdi32

SetRelAbs
EnumEnhMetaFile
GetKerningPairsA
StrokePath
IntersectClipRect
StretchBlt
CreatePolygonRgn
SetVirtualResolution
SetDCBrushColor
EngCreateBitmap
GetDIBits
bMakePathNameW
CreateFontW
CreateEnhMetaFileW
FONTOBJ_vGetInfo
AbortDoc
FONTOBJ_cGetGlyphs
GetBitmapDimensionEx
EngCheckAbort
GetBoundsRect
PATHOBJ_vGetBounds
GetFontData

comdlg32

LoadAlterBitmap
GetOpenFileNameW
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseColorW
GetFileTitleW
PrintDlgExA
PageSetupDlgW
CommDlgExtendedError
PrintDlgA
GetFileTitleA
PrintDlgExW

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30976b4d9af5ff4e30f60f760462cec3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 4KB