4598443f400e3e9f753ea15b003bf048_JaffaCakes118

General

Target

4598443f400e3e9f753ea15b003bf048_JaffaCakes118
Size

134KB
MD5

4598443f400e3e9f753ea15b003bf048
SHA1

297e7388c6d93853d3ccf0d9a3eb33e884412a4e
SHA256

fe3d1d1c62bc5c3c1ea5de689a4e4818fb01f41720a8e5ac4e212de142b8cbb5
SHA512

61847b01ea7c06d6c73ba72d0efb64243cc4421b2203706d2f09c628c25735fa1e25bf2b24121b5d8726c4f1cd17027d647ef4db07e3eca6f136292c5334e09f
SSDEEP

1536:szJKc15vYh7GTuM/X18q/qlZV8fS+1j6NSZy8unfNbZL93ZKbvWTxZZWhRp:8YEesH/FDYZuS+t6Q8nzL+LWTxfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4598443f400e3e9f753ea15b003bf048_JaffaCakes118

Files

4598443f400e3e9f753ea15b003bf048_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab62a657ca53098f26d59b1c2b0e476d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
GetCommandLineA
GetModuleHandleA
GetConsoleOutputCP
GetVolumePathNamesForVolumeNameA
FindResourceExA
CreateFileA
WritePrivateProfileSectionA
GetMailslotInfo
GetSystemWindowsDirectoryA
GetPrivateProfileStructA
VirtualAlloc
TransmitCommChar
GetStartupInfoA
IsValidLanguageGroup
GetWindowsDirectoryA
GetThreadContext
GetConsoleOutputCP
GetCurrentProcessId
SetTimerQueueTimer
GetConsoleAliasExesLengthA
GetVolumeInformationA

gdi32

PolyTextOutW

user32

ChangeDisplaySettingsExA
OpenWindowStationA
AnyPopup
MenuItemFromPoint
GetKeyboardLayoutNameA
OpenDesktopA
GetProcessDefaultLayout
SendMessageCallbackA
CharUpperBuffA
RealGetWindowClassA
SetClassLongA
GetAncestor
UnregisterUserApiHook
LoadBitmapA
PrintWindow
GetWindowTextA
LoadMenuA
LoadMenuA
ReasonCodeNeedsBugID
SendMessageTimeoutW
QuerySendMessage
GetMenuState
GetCursorPos
EqualRect
SetPropA

Exports

Exports

Atoqhed
Earmdea
Uagdgfxnas

Sections

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab62a657ca53098f26d59b1c2b0e476d

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Exports

Exports

Sections

.data Size: - Virtual size: 1KB

.text Size: 44KB - Virtual size: 61KB

.idata Size: 88KB - Virtual size: 87KB

.rsrc Size: 1024B - Virtual size: 828B

.data
Size: - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 61KB

.idata
Size: 88KB - Virtual size: 87KB

.rsrc
Size: 1024B - Virtual size: 828B