011d780b2bcdf1b37bfe7d260f7995c9_JaffaCakes118

General

Target

011d780b2bcdf1b37bfe7d260f7995c9_JaffaCakes118
Size

709KB
MD5

011d780b2bcdf1b37bfe7d260f7995c9
SHA1

f57b98b602dbe011624941d1978fe4ddf9423105
SHA256

c15fb10640c1ffedf042b6723acf5303d0cd8ac46e343156ef70e158586d16c2
SHA512

e40b8d1d26dad500ea08990a601df7b64a6f6bc739d390b3581ef656e8bd4322f4601d6338cfec67a64986f5596f3d350883526052d563a5c29e9b848660a1c0
SSDEEP

12288:no5c3JBZhDQjar8ZQgTOZ70cWapNw7THHPYa:o5c3dhDQjaw1W0cpw7THHPv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
011d780b2bcdf1b37bfe7d260f7995c9_JaffaCakes118

Files

011d780b2bcdf1b37bfe7d260f7995c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f977534c6b138131486d9cd22ec8aee7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
CreatePipe
GetLongPathNameA
GetPrivateProfileSectionW
ReadFile
IsBadReadPtr
SetProcessShutdownParameters
GetDiskFreeSpaceW
FlushFileBuffers
UnmapViewOfFile
FlushConsoleInputBuffer
WaitNamedPipeA
SetConsoleTitleA
RemoveDirectoryA
FindNextChangeNotification
GetCurrentDirectoryW
EnumTimeFormatsW
ReadConsoleInputW
SetFileAttributesA
LeaveCriticalSection
LocalReAlloc
SetupComm
IsDBCSLeadByteEx
CreateProcessA
SetHandleCount
ReadDirectoryChangesW
GlobalAddAtomA
ExitProcess

ole32

OleSave
GetClassFile
CoRegisterMallocSpy
PropVariantCopy

user32

LoadBitmapW
MonitorFromPoint
VkKeyScanW
FindWindowA
WinHelpA
EnumThreadWindows
TrackPopupMenu
SetWindowsHookW
GetMenuState
EmptyClipboard
DrawTextA
MapDialogRect
DrawIconEx
ChildWindowFromPoint
RegisterWindowMessageA
LoadIconW
DispatchMessageW
SetProcessWindowStation
LoadMenuW
CharUpperBuffA
GetWindow
SendMessageTimeoutA
AppendMenuW
GetCapture
EndMenu
IsMenu
IsDialogMessageW

gdi32

GetCurrentObject
SetDIBitsToDevice

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f977534c6b138131486d9cd22ec8aee7

Headers

File Characteristics

Imports

kernel32

ole32

user32

gdi32

Sections

.text Size: 312KB - Virtual size: 312KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 382KB - Virtual size: 382KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 312KB - Virtual size: 312KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 382KB - Virtual size: 382KB

.rsrc
Size: 10KB - Virtual size: 9KB