01a79465b9ebbe291b18aca135238300_JaffaCakes118

General

Target

01a79465b9ebbe291b18aca135238300_JaffaCakes118
Size

279KB
MD5

01a79465b9ebbe291b18aca135238300
SHA1

1eb97d7666b63b15236c91b49bbe7699430b487f
SHA256

5641050c99f4fdc4317f575ff9bf42400b168be35bbc929c26421b5c8e8edda9
SHA512

ef35ded23b5afeec443e1ff32b40bf1f71450ab9cdbd379dd2faf4eb2d396261aab50c6409a7f5f27c3510662151ccd17f0fcfae7e92aa57dfadaddf31699438
SSDEEP

6144:BYykDxqeQCpYHkR3/6Q0LhEukvm01eMfj:BGxqeQNHkRv+OZwej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01a79465b9ebbe291b18aca135238300_JaffaCakes118

Files

01a79465b9ebbe291b18aca135238300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3dcea03ba3b8d145b46b6ee506e4dbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
GetUserDefaultLangID
ReleaseMutex
GetThreadLocale
IsDBCSLeadByte
CreateMutexA
GetShortPathNameA
GetModuleHandleA
TlsGetValue
SetEvent
CompareStringA
CreatePipe
TlsFree
CancelWaitableTimer
GetThreadPriority
GetLargestConsoleWindowSize
GetThreadTimes
GetOEMCP
VirtualAlloc
GetConsoleCP
AddAtomA

user32

GetSystemMetrics
GetForegroundWindow
IsIconic
ReleaseDC
GetActiveWindow
RegisterClassA
InvalidateRect
GetDC
ValidateRect
GetWindowTextA
ShowWindow
GetClassNameA
IsWindowVisible
GetClassInfoExA
GetWindowTextLengthA
ReleaseDC
CloseWindow
GetFocus
GetWindow

dsound

GetDeviceID
DirectSoundCreate
DllCanUnloadNow
DllGetClassObject
DirectSoundEnumerateA

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3dcea03ba3b8d145b46b6ee506e4dbb

Headers

File Characteristics

Imports

kernel32

user32

dsound

mscms

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 880KB

.tls Size: 512B - Virtual size: 40B

.rsrc Size: 92KB - Virtual size: 91KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 880KB

.tls
Size: 512B - Virtual size: 40B

.rsrc
Size: 92KB - Virtual size: 91KB