70f22c9b30cec321b16a7985ade6c5a1_JaffaCakes118

General

Target

70f22c9b30cec321b16a7985ade6c5a1_JaffaCakes118
Size

346KB
MD5

70f22c9b30cec321b16a7985ade6c5a1
SHA1

74b17653e66569422cfdea9b3794458a271b1016
SHA256

e4e7ffcd0118c714714562021a506d4ebcbd9f309241f2a3b11c5d3e8fa67da3
SHA512

8b3a1bcf830bf45c924afc6b26d09150ab0c59b2c721d9a944662abe64f70cd69e513e0b70278665bd290af282e1c52ee5b7ef9aa8293f37519dae649307f8ed
SSDEEP

6144:wlT+yzHJUFWy3teOWniBWYp3VbW9Cu6Cr4VoA5y6GBefeGeLHILNeTH:wrpU8uVWB8lKEuVr4VofefX+8N0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
70f22c9b30cec321b16a7985ade6c5a1_JaffaCakes118

Files

70f22c9b30cec321b16a7985ade6c5a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff0a304d84032bc7d91dd2f8e1c5e526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
CloseHandle
LoadLibraryA
GetModuleHandleW
FindClose
CreateFileA
GetTempPathW
GetModuleHandleA
GetFileType
GetBinaryTypeW
CreateFileW
GetTempPathA
GetStartupInfoA

user32

BeginPaint
IsWindowEnabled
DefWindowProcW
DestroyWindow
IsWindowVisible
GetWindowTextA
DrawTextW
DefWindowProcA
GetWindowRect
GetWindow
GetWindowTextW
ShowWindow
EnableWindow
DeleteMenu
CloseWindow
CloseClipboard
EmptyClipboard
DrawTextA

gdi32

CombineRgn
CreateRoundRectRgn
FillRgn
CreateCompatibleBitmap
CreatePolygonRgn
GetDeviceCaps
GetStockObject
BitBlt
CreateSolidBrush
FrameRgn
CreateCompatibleDC
CreateFontIndirectW
CreateFontIndirectA
CreateRectRgn
DeleteObject

oleaut32

SysAllocStringByteLen
CreateErrorInfo
SysAllocStringLen
SetErrorInfo
SafeArrayCopy
GetErrorInfo
SafeArrayCreate
SysAllocString
SysFreeString

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strcmp

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0a304d84032bc7d91dd2f8e1c5e526

Headers

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

msvcrt

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB