0af5d0a6f298a3db51d810e3589c6842_JaffaCakes118

General

Target

0af5d0a6f298a3db51d810e3589c6842_JaffaCakes118
Size

2.0MB
MD5

0af5d0a6f298a3db51d810e3589c6842
SHA1

b21b061dcd3c59818d08a17291db6d7591fbe55d
SHA256

1a32b25123408ebebf8881af358fc999d840c533e0f51e87fd5cd5b3e07f6ef9
SHA512

5708f9c376b219e81d375ac65849fb8c58ecc3e6da85f610f487c842e18807bf60c96a8ba88f33cbf984818d9ab17548edaecf535ed64ce23540897955bae29d
SSDEEP

12288:j/TiXksnHNE8FKUTGo7NRNWi75CBN8DXM9fTU4w7L3FlAiYVbm:niJnHNrU8Go7fNf7wlDSlAjVK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af5d0a6f298a3db51d810e3589c6842_JaffaCakes118

Files

0af5d0a6f298a3db51d810e3589c6842_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f487b4cc0135c15dab63c0d59c9b030e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetVersion
LocalFree
Sleep
lstrcpyA
GetStartupInfoA
GlobalFree
lstrcatA
lstrlenA
GetCommandLineA
GetModuleHandleA
FreeLibrary

gdi32

SetROP2
BitBlt
CreateSolidBrush
CreateCompatibleDC
GetPixel
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
MoveToEx
CreateFontIndirectA
GetObjectA
SetPixel
GetTextColor
GetStockObject
PatBlt
SelectObject
GetDeviceCaps
ExtTextOutA
SetBkMode

user32

DispatchMessageA
SetWindowTextA
MessageBoxA
GetFocus
GetClientRect
DefWindowProcA
EndPaint
LoadIconA
DestroyWindow
ScreenToClient
GetSysColor
TranslateMessage
BeginPaint
CreateWindowExA
EndDialog
ShowWindow
GetWindowRect
PostQuitMessage
SetFocus
GetMessageA
DialogBoxParamA

msvcrt

_c_exit
exit
_exit
__set_app_type
_acmdln
_XcptFilter
__getmainargs

Sections

.text
Size: 1024B - Virtual size: 993B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f487b4cc0135c15dab63c0d59c9b030e

Headers

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

Sections

.text Size: 1024B - Virtual size: 993B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 1024B - Virtual size: 993B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB