fafd06aa749744842fa11913214b0363_JaffaCakes118

General

Target

fafd06aa749744842fa11913214b0363_JaffaCakes118
Size

273KB
MD5

fafd06aa749744842fa11913214b0363
SHA1

cafd355a429f2e5559b43d272f0d6f0ec8049343
SHA256

c5ec92c128d8350c57956b0b59bfb2a5454f45e4736090d8982aff79440328b2
SHA512

b6c023b9075663b4c018caa53b70c474d0a9549e86e413a9506a230a60c129225c0fd08b73789466d7ace7e20f5b381e1948f0d7d0fa97eabd4e20f83f71c95a
SSDEEP

6144:PLAZ0yYzPjmUT4zBjy5LLhEjbbcxabfnFb61ysb+N:PLAiyw+BOjEf4wrnFB6+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fafd06aa749744842fa11913214b0363_JaffaCakes118

Files

fafd06aa749744842fa11913214b0363_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15e6ba2957bcc588533c0859d118b169

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

BeginUpdateResourceA
BuildCommDCBA
CreateNamedPipeA
DosDateTimeToFileTime
ExitProcess
FreeConsole
GetCommandLineA
GetDefaultCommConfigW
GetTempFileNameW
GetVolumeInformationA
GlobalUnfix
IsBadHugeWritePtr
IsProcessorFeaturePresent
LocalFlags
LocalLock
MapViewOfFileEx
Module32Next
MultiByteToWideChar
RemoveDirectoryA
SetCommState
SetConsoleCursorPosition
SetConsoleWindowInfo
SetFileApisToOEM
SetStdHandle
SetVolumeLabelW
SuspendThread
WaitNamedPipeA
WriteConsoleOutputCharacterA
_lopen

user32

AppendMenuW
CheckRadioButton
DdeFreeStringHandle
DdeGetData
DdeKeepStringHandle
EnumDisplaySettingsExW
EnumPropsW
GetClassInfoW
GetClientRect
GetInternalWindowPos
GetWindowThreadProcessId
IsCharAlphaW
MessageBoxExA
RealGetWindowClass
RedrawWindow
RegisterDeviceNotificationA
SetMenuDefaultItem
ShowCaret
ToUnicodeEx
UnionRect

gdi32

ColorMatchToTarget
CreateBitmap
CreateEnhMetaFileW
CreatePenIndirect
EqualRgn
ExtFloodFill
ExtTextOutA
FillPath
GdiPlayJournal
GetDIBColorTable
GetEnhMetaFileA
GetEnhMetaFileHeader
GetICMProfileW
GetLogColorSpaceW
GetMiterLimit
GetOutlineTextMetricsA
GetTextExtentExPointA
LineDDA
OffsetViewportOrgEx
PlayEnhMetaFile
PlayMetaFile
Polygon
RemoveFontResourceA
ResizePalette
ScaleWindowExtEx
SetROP2
SetTextAlign
SetTextCharacterExtra
SetWindowOrgEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15e6ba2957bcc588533c0859d118b169

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 269KB - Virtual size: 280KB

.rdata Size: - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 508KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 269KB - Virtual size: 280KB

.rdata
Size: - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 508KB