0df2d861099cbbb01fa7c52adb949d25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0df2d861099cbbb01fa7c52adb949d25_JaffaCakes118
Size

44KB
MD5

0df2d861099cbbb01fa7c52adb949d25
SHA1

df22d07a9e8e7a5460c2e2a7c02ff5c529789f0c
SHA256

d601258be5a6d3f7856423d14d0a170469de1b40c93fdd5906141de6ec36fb38
SHA512

93a996bbad810388554102ef242590cfeb5fff262992ac6182e359626e5e051397ee33cfabe48d90b1fcb9bced906f96470c4177831d7c2afd890497145c350b
SSDEEP

768:bczT+UGcCkXJxnXDLGmfTfImS8p+LfU8RKnrIll:pk5xnFwmdIlRGrYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0df2d861099cbbb01fa7c52adb949d25_JaffaCakes118

Files

0df2d861099cbbb01fa7c52adb949d25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1592e9a32c388615ae1a4ef7d7143c0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontW
GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW

version

GetFileVersionInfoA
VerQueryValueA

msvcrt

_snwprintf
_wcsdup
iswctype
_itoa
_stricmp
__initenv

gdi32

GetViewportExtEx
EnumMetaFile
SetViewportOrgEx
GetObjectType
CreateDIBPatternBrushPt
SetICMMode
GdiSetLastError

kernel32

CreateProcessA
ExitProcess
GetComputerNameW
GetLastError
SearchPathW
GetCurrentProcess
GetExitCodeProcess
GetCurrentThread
GetSystemDirectoryW
GetModuleHandleA
GetCommandLineW
GetModuleHandleW
VirtualAlloc
MoveFileExW
GetTickCount
GetProcessHeap
ExpandEnvironmentStringsA
VirtualFree

advapi32

GetLengthSid
RegDeleteValueA
InitializeAcl
RevertToSelf

ole32

CoGetInterfaceAndReleaseStream
StringFromCLSID
OleLoadFromStream
CoTaskMemAlloc
CLSIDFromString
CoTaskMemRealloc
CoRegisterClassObject
CreateStreamOnHGlobal

Sections

.text
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1592e9a32c388615ae1a4ef7d7143c0f

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

version

msvcrt

gdi32

kernel32

advapi32

ole32

Sections

.text Size: 9KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 13KB

.rdata Size: 12KB - Virtual size: 43KB

.rdata Size: 10KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 13KB

.rdata
Size: 12KB - Virtual size: 43KB

.rdata
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 4KB