fcc495701c8d365d4438864879893756_JaffaCakes118

General

Target

fcc495701c8d365d4438864879893756_JaffaCakes118
Size

42KB
MD5

fcc495701c8d365d4438864879893756
SHA1

4b110a71d3d8fe90af33a467df834f5dcf8af9e5
SHA256

6736f3c831c778ac827e6e5d7b4f93d840f471fd9f482148989b800dec85fde8
SHA512

493d96aa5488aa81131f1b31be32e0b3b5ce458fc7b75966b56cbf935f748e789bd64b2d479715046716fc29af82f62a4303d85f9131e9466aff9ab87a83b8d7
SSDEEP

768:Zb1NpPDlLfztnYquY2sfO9F+alqxS2iDMpO1QvPttvZujkxGhXo+h:V1/lbztZup9skq70B1itvZuoxoYQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcc495701c8d365d4438864879893756_JaffaCakes118

Files

fcc495701c8d365d4438864879893756_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1411c05a28ac1a6fec2a6be5b18057ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
DisableThreadLibraryCalls
EnumResourceNamesW
ExitProcess
FindNextChangeNotification
FreeResource
GetCPInfo
GetCompressedFileSizeA
GetNumberFormatW
GetPrivateProfileIntA
GetProcessAffinityMask
GetProcessHeaps
GetVersionExA
GlobalMemoryStatus
InterlockedIncrement
IsBadHugeReadPtr
IsBadHugeWritePtr
IsDBCSLeadByteEx
IsProcessorFeaturePresent
OpenFileMappingW
QueueUserAPC
ReleaseSemaphore
RemoveDirectoryA
RequestWakeupLatency
ScrollConsoleScreenBufferA
SetComputerNameA
TlsFree
lstrcpy
lstrlen

user32

AppendMenuW
BeginDeferWindowPos
ChangeDisplaySettingsA
ChangeDisplaySettingsW
CloseWindow
CreateIconIndirect
DispatchMessageW
EditWndProc
EnumChildWindows
EnumDisplaySettingsA
EnumPropsExW
GetClassLongA
GetComboBoxInfo
GetKeyState
GetKeyboardLayoutNameW
HiliteMenuItem
IMPGetIMEW
LoadCursorFromFileW
MenuItemFromPoint
OffsetRect
OpenWindowStationA
SendMessageCallbackW
SetCursorPos
SetParent
SetWindowsHookExW
ToUnicode
TrackPopupMenuEx
TranslateMDISysAccel
UnionRect
WaitForInputIdle

gdi32

AddFontResourceW
CopyMetaFileA
CreateBitmapIndirect
CreateDIBPatternBrushPt
EnumFontFamiliesExA
EnumObjects
GdiPlayDCScript
GdiSetBatchLimit
GetCharABCWidthsA
GetCharWidth32A
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetLayout
GetPixelFormat
GetStockObject
GetTextExtentPoint32A
MoveToEx
PlayMetaFile
PolyPolyline
PolyTextOutW
RemoveFontResourceW
SetBkColor
SetICMMode
SetLayout
UnrealizeObject

Sections

.code
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1411c05a28ac1a6fec2a6be5b18057ff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.code Size: 512B - Virtual size: 4KB

.data Size: 40KB - Virtual size: 56KB

.rdata Size: 512B - Virtual size: 8KB

.code
Size: 512B - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 56KB

.rdata
Size: 512B - Virtual size: 8KB