18356cf0c95cfa46be856cf2effe3491_JaffaCakes118

General

Target

18356cf0c95cfa46be856cf2effe3491_JaffaCakes118
Size

214KB
MD5

18356cf0c95cfa46be856cf2effe3491
SHA1

d6d17d2c00c2ba04fa6ebe77ad9164747d72e760
SHA256

ed1707d500c51b030f3c11d4596d0865180ef0ce3bfd02610db429825ea07e16
SHA512

5002f67dc8cbbf0d857a28ffdfa4da9ea439ef29aceeeaeb5a757dcff7fe61d5a4c40d9154ab67ab30f8891d22dcb443a3039f836dfe7ed0656d2ccd6acc235a
SSDEEP

3072:ZoslKZNbgdHzOOd4/Udh2jTQDXRfB5IAQxcIKIp4m6D63oD1hZmsUQV0Gxtl7h+0:ZosINbgZO1MWQ1XIAQxcuU34sJ00P+ti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18356cf0c95cfa46be856cf2effe3491_JaffaCakes118

Files

18356cf0c95cfa46be856cf2effe3491_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33e954924772d097cbe3158c5e3a56e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
DeleteFileW
DuplicateHandle
FindResourceW
GetDateFormatA
GetFileSize
GetLastError
GetUserDefaultLCID
GetWindowsDirectoryA
IsDebuggerPresent
LCMapStringW
LoadLibraryExA
LoadResource
ResumeThread
SetFileAttributesW
SetStdHandle
TlsAlloc
TlsFree
TlsSetValue

gdi32

AbortDoc
CopyMetaFileW
CreateDIBitmap
CreateFontIndirectA
CreateICW
EnumFontsA
FillPath
GetClipRgn
GetEnhMetaFileBits
GetPaletteEntries
GetTextExtentPointW
GetWinMetaFileBits
PatBlt
Pie
PlayMetaFile
PtVisible
ScaleWindowExtEx
SelectPalette
SetDIBColorTable
SetPolyFillMode
StartDocA
TextOutW

user32

CharLowerA
CloseClipboard
DialogBoxParamA
DrawIcon
EnableMenuItem
EnableWindow
EnumWindows
GetClientRect
GetIconInfo
GetSystemMenu
GetTopWindow
InvalidateRect
IsIconic
IsWindowVisible
IsZoomed
MessageBoxA
PostQuitMessage
SetFocus
SetPropA
SetScrollPos
ShowOwnedPopups

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33e954924772d097cbe3158c5e3a56e2

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 22KB - Virtual size: 140KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 22KB - Virtual size: 140KB