42ab34546613aee844ba2d0528d16cbb_JaffaCakes118

General

Target

42ab34546613aee844ba2d0528d16cbb_JaffaCakes118
Size

36KB
MD5

42ab34546613aee844ba2d0528d16cbb
SHA1

88e90e202a37135f945c3cbc5e8dcb0e9b28b015
SHA256

da0b802ef4aedeb7728eda73b16cf90974e6a0d2e77fbb5e136ac4f4b15efebe
SHA512

f9c5d564c80053c31b90da1a248c66c751a83f92312dbb850ac3fae31f8a4c1cc36f20b2d0d4aaedebccc0263b97abd2aa7c87d42873c18868af3cd2c112fb41
SSDEEP

768:h70TaGCbT4Pb67fkcrRcoDsKhl30flS4IScv9JAbqcw:hoBCbT4D6oeDt3WHiJAbzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42ab34546613aee844ba2d0528d16cbb_JaffaCakes118

Files

42ab34546613aee844ba2d0528d16cbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a68448e257f11ca56dbfcd10a5d8ea91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
GlobalAlloc
GetStartupInfoA
GlobalFree
GetFileSize
GetCommandLineA
LocalAlloc
LocalFree
GetLastError
CreateEventA
GetModuleHandleA
CloseHandle
GetTickCount
FreeLibrary
lstrcpyA
lstrlenA
lstrcatA
GetVersionExA
Sleep

gdi32

SetROP2
GetDeviceCaps
ExtTextOutA
GetPixel
CreateFontIndirectA
SetBkMode
PatBlt
LineTo
DeleteObject
GetTextColor
CreateCompatibleDC
BitBlt
GetStockObject
GetBkColor
MoveToEx
GetTextExtentPoint32A
GetObjectA
SetPixel
SelectObject
CreateSolidBrush
GetTextMetricsA

user32

EndPaint
LoadIconA
GetWindowRect
MessageBoxA
CreateWindowExA
DefWindowProcA
SetWindowTextA
ShowWindow
DispatchMessageA
EndDialog
TranslateMessage
DestroyWindow

msvcrt

_controlfp
__CxxFrameHandler
rand
wcschr
_XcptFilter
_acmdln
memmove
_c_exit
__p__fmode
wcstoul
__p__commode
__setusermatherr
_adjust_fdiv
__set_app_type
toupper

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a68448e257f11ca56dbfcd10a5d8ea91

Headers

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 24KB - Virtual size: 50KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 24KB - Virtual size: 50KB