f59abaffcee873f82282c0e9fd3f0d8b_JaffaCakes118

General

Target

f59abaffcee873f82282c0e9fd3f0d8b_JaffaCakes118
Size

208KB
MD5

f59abaffcee873f82282c0e9fd3f0d8b
SHA1

2fe13b819094b437bd0ba636e4e21bbf6f981001
SHA256

0e7eac617c90130f9a725d8420329119de223b5dcc36de2bc29b35ecea30edd3
SHA512

ec306c0a0b7786865699fad280553659d75369350dc3a20003f45f36688a16ce954a9ef516e19b02ef652b2f5d3489826fe0c2f1a14c481862d150289020b3a7
SSDEEP

3072:ZfnuKCSv+Fm7ccPa/JSctxn6iuyIlydwvgmCFDtx280fgv9Q6vyHR4:ZPuMmQAwgJSctxnPwM08vZpvym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f59abaffcee873f82282c0e9fd3f0d8b_JaffaCakes118

Files

f59abaffcee873f82282c0e9fd3f0d8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f731ab6c023d090c10ad5e2c021e24d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
FileTimeToDosDateTime
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetFileSize
GetShortPathNameA
GetTempFileNameA
GetThreadLocale
HeapReAlloc
LeaveCriticalSection
LocalFree
OutputDebugStringA
QueryPerformanceCounter
RemoveDirectoryA
ResumeThread
WriteFile

gdi32

ArcTo
CreateBrushIndirect
CreateDIBitmap
EndPath
EnumFontFamiliesW
ExtEscape
FillRgn
GetEnhMetaFileDescriptionA
GetObjectType
GetWinMetaFileBits
Rectangle
SetAbortProc
StrokeAndFillPath

shell32

DragFinish
DragQueryFile
DragQueryFileA
SHBrowseForFolderW
SHGetFolderLocation
ShellExecuteW

user32

AdjustWindowRectEx
CharNextA
ClientToScreen
DefWindowProcA
DrawIcon
DrawIconEx
EnableMenuItem
GetCapture
GetForegroundWindow
GetScrollRange
GetSystemMetrics
GetWindowPlacement
GetWindowThreadProcessId
IsRectEmpty
UnhookWindowsHookEx
wsprintfA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

l5v61GUr
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f731ab6c023d090c10ad5e2c021e24d

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

user32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

l5v61GUr Size: 1024B - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

l5v61GUr
Size: 1024B - Virtual size: 120KB