409cde93f10b4f8b0a5dbfce92ba1ae8_JaffaCakes118

General

Target

409cde93f10b4f8b0a5dbfce92ba1ae8_JaffaCakes118
Size

214KB
MD5

409cde93f10b4f8b0a5dbfce92ba1ae8
SHA1

b5fad000256a0e5f3073eae1b71ae828840500b5
SHA256

5e46ff27d7514472e790b0afea4577bb0965899d4ec91d2782928beaadd12107
SHA512

556a164dc5ba332695223947a00b71518ab5f220807c537d7c83cff4cbe1a53b2b0cc3fea78e3b349c690408831bda13bc066b8aef44f6172b3c88701c2781e2
SSDEEP

6144:LRwP6TIoqodtJvQRo/QO00F6dc8XFqw3k:q0tSi004dc8VD3k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409cde93f10b4f8b0a5dbfce92ba1ae8_JaffaCakes118

Files

409cde93f10b4f8b0a5dbfce92ba1ae8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5355e5d9d85d32d45d7f1545a1c6da4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
FindFirstFileA
FindResourceA
GetExitCodeThread
GetFileSize
GetStringTypeW
GetThreadLocale
GlobalFindAtomA
HeapAlloc
LCMapStringW
LoadLibraryW
OutputDebugStringA
SetErrorMode
TerminateProcess
TlsSetValue
WriteFile
lstrcmpA
lstrcmpiA

shell32

SHAppBarMessage
SHBrowseForFolder
SHCreateDirectoryExW
SHGetDiskFreeSpaceExW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
Shell_NotifyIconW

gdi32

AbortDoc
CreateBitmap
CreateEnhMetaFileA
CreateICA
FrameRgn
GetBrushOrgEx
GetClipRgn
GetEnhMetaFileDescriptionA
GetTextMetricsW
OffsetViewportOrgEx
RestoreDC
SetPolyFillMode
StretchBlt

user32

DestroyIcon
DestroyWindow
DialogBoxParamA
EndPaint
GetCapture
GetMessageA
GetPropA
GetScrollPos
GetWindowPlacement
InflateRect
IsChild
IsWindow
IsWindowEnabled
RegisterClipboardFormatA
ReleaseDC
RemoveMenu
SetScrollRange
SetTimer

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5355e5d9d85d32d45d7f1545a1c6da4a

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

user32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 22KB - Virtual size: 140KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 22KB - Virtual size: 140KB