f99d73269fbd583d01654f3ffedba086_JaffaCakes118

General

Target

f99d73269fbd583d01654f3ffedba086_JaffaCakes118
Size

133KB
MD5

f99d73269fbd583d01654f3ffedba086
SHA1

9f5f0659edb3399e0bc40349ff5db3e7773564e7
SHA256

b75188fefe58c5683e248592ce3274de8bb887ba8fb606250f4984268fafea31
SHA512

ad597a8aafbeb1679a00063fb4a9614a79f8d24092da9557fc5fa06ad391c792a8349501bea94cf3e5687da90cc99cdae4305909f4f1ee4d6341aea273d79bff
SSDEEP

1536:ZZQjmNNm4gNyq2R8c2sWUtLTBBJ76WUgJHupcGPgqcmCF6kZA3FRpq+FcwrD6DSm:JyLK8cUgZ7FUSO7A1gFN3uStPQYLApz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f99d73269fbd583d01654f3ffedba086_JaffaCakes118

Files

f99d73269fbd583d01654f3ffedba086_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4a463e4ed1086d9a376fce8d3f0224a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
ExitProcess
FormatMessageA
GetCPInfo
GetCurrentThread
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTimeZoneInformation
IsDBCSLeadByte
IsDebuggerPresent
LCMapStringA
LoadLibraryA
MapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
lstrlenW

user32

GetClientRect
MapWindowPoints
MessageBoxA
ScreenToClient
SetWindowLongA

gdi32

CreateBrushIndirect
Escape
ExtTextOutA
GetDIBColorTable
GetDeviceCaps
GetObjectA
GetPixel
GetTextMetricsA
IntersectClipRect
LineTo
MaskBlt
SelectPalette
SetDIBColorTable
SetViewportOrgEx

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileA
ExtractIconA
SHAddToRecentDocs
SHBindToParent
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExW
SHGetFileInfo
SHGetFolderLocation
Shell_NotifyIconA

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4a463e4ed1086d9a376fce8d3f0224a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.rsrc Size: 20KB - Virtual size: 136KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.rsrc
Size: 20KB - Virtual size: 136KB