0354095f7f359e83b474376f09619d29_JaffaCakes118

General

Target

0354095f7f359e83b474376f09619d29_JaffaCakes118
Size

81KB
MD5

0354095f7f359e83b474376f09619d29
SHA1

d4f6b96bbae2affd9968c03e4bf730a63e78fcc9
SHA256

ea19e594a783965c3256a07f60e747e7a7181ee52cac667ffac5b83ece9d27b8
SHA512

3e01fc2b1e2129f6fcc2ffb73a1fee2c43a0dcfe55fc156ca990bd81c247d9a4982c091d75397575999797fb4632e2be7fa2ef9b31c94ebe7b5e9c49fbf24c1d
SSDEEP

768:FzUZLhoQ9JvRFHZ5gTaMnaMbMaUvxZFLgKB3yISDwEXlGWC9oBPDFQRbkLipl:FzUvTDzWb0dMKB3ylwxWC9oJLipl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0354095f7f359e83b474376f09619d29_JaffaCakes118

Files

0354095f7f359e83b474376f09619d29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

126a0fdb5c761b8facb40c41bcf88ae6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
DeleteFileA
GetLastError
GetStringTypeA
GetCPInfo
GlobalFree
GlobalAlloc
GetModuleFileNameA
lstrcatA
WideCharToMultiByte
GetModuleHandleA
GetOEMCP
GetFileAttributesA
GetFileSize
GetLogicalDrives
GetFileType
Sleep
FreeConsole
GetStringTypeW
FreeConsole
GetLogicalDrives
FreeConsole
ExitProcess
FreeConsole
GlobalFree
FreeConsole
lstrcpynA
FreeConsole
DeleteFileA
FreeConsole
GetCommandLineA
FreeConsole
GetModuleHandleA
FreeConsole
GetLocalTime

user32

GetMenu
GetDC
DrawIconEx
EndDialog
IsWindow
CalcMenuBar
AppendMenuW
AppendMenuA
DrawIcon
GetWindowTextLengthA
CopyRect
IsMenu
GetDlgItem
LoadMenuA
GetCursor
DrawTextA
DialogBoxParamA
CalcMenuBar
DrawTextW
LoadCursorA
GetDlgItem
AlignRects
CopyIcon
GetCursor
CloseWindow
LoadMenuA
IsMenu
CopyImage
BlockInput
DrawIconEx
CreateIcon
DrawIcon
CopyRect
GetWindowTextLengthA
AppendMenuW
GetWindowTextA
InsertMenuA
GetDC

Sections

.tedt
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddda
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bas
Size: - Virtual size: 642B

IMAGE_SCN_MEM_READ

.radc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

126a0fdb5c761b8facb40c41bcf88ae6

Headers

File Characteristics

Imports

kernel32

user32

Sections

.tedt Size: 11KB - Virtual size: 11KB

.rddda Size: 47KB - Virtual size: 47KB

.edata Size: 9KB - Virtual size: 32KB

.bas Size: - Virtual size: 642B

.radc Size: 8KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 4KB

.tedt
Size: 11KB - Virtual size: 11KB

.rddda
Size: 47KB - Virtual size: 47KB

.edata
Size: 9KB - Virtual size: 32KB

.bas
Size: - Virtual size: 642B

.radc
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 4KB