fb404e09bc70f50f61b0a7e3f0116488_JaffaCakes118

General

Target

fb404e09bc70f50f61b0a7e3f0116488_JaffaCakes118
Size

364KB
MD5

fb404e09bc70f50f61b0a7e3f0116488
SHA1

bf6740511c06de6c6aae7b2375b3455197613374
SHA256

031935a5ed2407c4cc7ca04b0a4d364f86826805d1cf32df7e2c7a3604831784
SHA512

9b01f949b341795e26ba7976aea5a57aaafc5abf0c91cf81a9da630dee5b70b283f7807bdb05d8a3883bad2fd420c440c2e3585a4263c99531354ee680070690
SSDEEP

6144:svZoxdcjitRXqhRUbVDxQGRfYHex97t5hJAFVu459W/q/7Vq2Pllu9Y2Lvt:svZoxhXXq4bVDxhRf8ex97t5Y/d9eq/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb404e09bc70f50f61b0a7e3f0116488_JaffaCakes118

Files

fb404e09bc70f50f61b0a7e3f0116488_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e98d8b70ab8918d6b932b33c1ae9dde2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetProcessTimes
GetCurrentProcess
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileW
GetSystemTime
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetSystemPowerStatus
LoadLibraryW
LoadLibraryA
lstrcpynW
lstrcpyW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
SetFilePointer
HeapAlloc
RtlUnwind
HeapReAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetLastError
CloseHandle
WriteFile
ReadFile

user32

SetCursorPos
GetSystemMetrics
GetSysColor
SetSysColors
GetWindowRect
GetCursorPos
SystemParametersInfoA
CopyRect
SetRect
IntersectRect
SetRectEmpty
LoadBitmapA
LockWindowUpdate
ShowCaret
GetDesktopWindow
GetWindowDC
ReleaseDC
AdjustWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetFocus

gdi32

CreatePolygonRgn
Polygon
GetStockObject
FillRgn
DeleteObject
CreateRectRgn
GetRgnBox
SetMapMode
GetTextMetricsA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 316KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e98d8b70ab8918d6b932b33c1ae9dde2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 316KB - Virtual size: 313KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 316KB - Virtual size: 313KB