f79d63c16fcee3ff46c217f8aa5fe7f5_JaffaCakes118

General

Target

f79d63c16fcee3ff46c217f8aa5fe7f5_JaffaCakes118
Size

84KB
MD5

f79d63c16fcee3ff46c217f8aa5fe7f5
SHA1

0814fe6d3b5397ea56b3bfa8efaf15a52b745033
SHA256

cfa6f32c440754058dc76af347cd045764e21d58980e2b0b2d0e70702831b435
SHA512

ce09390fe7a0a119d6d71c5941291a41326fc3d3487413988899b2ea4f03ca19dcc9547cd5c8bc44b54849c27224be2ffdb375309883c2bb4344ea5e13dda553
SSDEEP

1536:MF+1m3np8buWBWfr+pwDnZi9vNeUVwTNgU+Z+DIZB:BUGVgqpkn49veNgU+ZOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f79d63c16fcee3ff46c217f8aa5fe7f5_JaffaCakes118

Files

f79d63c16fcee3ff46c217f8aa5fe7f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd88ab8517fa152b73cedc86dea98cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
ChooseColorW
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
GetSaveFileNameW
PrintDlgA
PrintDlgExA
ReplaceTextW
dwLBSubclass

user32

BeginPaint
LoadImageA
InflateRect
GetUserObjectSecurity
GetUpdateRgn
GetSysColor
GetCursorPos
DispatchMessageA
RegisterWindowMessageA
SetClassLongA
SetPropA
SetWindowPlacement
SetWindowPos

kernel32

GetACP
DnsHostnameToComputerNameW
ConvertThreadToFiber
CloseHandle
AllocConsole
VerLanguageNameA
Thread32First
SetSystemTimeAdjustment
SetComputerNameExA
OpenProcess
MapUserPhysicalPagesScatter
LoadLibraryExA
LCMapStringA
IsBadStringPtrA
HeapCreate
HeapAlloc
GetVolumePathNameA
GetVersionExA
GetUserDefaultLangID
GetTimeZoneInformation
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetCPInfoExA
EnumSystemLanguageGroupsW
FindVolumeClose
FindFirstVolumeA
ExitProcess
EnumResourceTypesA

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoFileTimeNow
CLSIDFromString
CoBuildVersion
CoCreateInstance
CoGetMalloc

dbghelp

UnmapDebugInformation
SymFromAddr
MiniDumpWriteDump

comctl32

FlatSB_GetScrollProp
FlatSB_SetScrollRange
ImageList_DragEnter
DrawStatusTextW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd88ab8517fa152b73cedc86dea98cf

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

ole32

dbghelp

comctl32

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB