5e4a0ea9a412ad3ea1655dfd0e82d510_JaffaCakes118

General

Target

5e4a0ea9a412ad3ea1655dfd0e82d510_JaffaCakes118
Size

170KB
MD5

5e4a0ea9a412ad3ea1655dfd0e82d510
SHA1

2b00245c704a7549c48ed08f339224b9e6881626
SHA256

8d93f3f6fd6736d265283587ac670559f2657b8f11eaa8e9eee9cb0d96123063
SHA512

34c37b373c82f1b483ea8957f8cd8cbb3bd8814f730e386ef1078f1e190ecb8f80df8a0dbe9c93ed4214f14a0f59f1f6d1ae2ecfdf0c5316929f44d987b66b46
SSDEEP

3072:N0TP/RswXpZSGDZZuQJzKkctFsqyukHK5pRJPRGU9JLPojtd:Auw8IFJzmwqybqpXPRH9JLgB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e4a0ea9a412ad3ea1655dfd0e82d510_JaffaCakes118

Files

5e4a0ea9a412ad3ea1655dfd0e82d510_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f20bfdf49eb7ca558fa31d96337141b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImagePixelFormat
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipDisposeImage

ole32

CoUninitialize
CoInitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance

msimg32

AlphaBlend
TransparentBlt

winmm

timeGetTime

kernel32

GetConsoleProcessList
GetVersionExA
TransmitCommChar
LocalFree
EnumResourceNamesW
ExitProcess
ExitProcess
LoadLibraryW
LocalAlloc
GetModuleFileNameA

gdi32

CreatePen
BitBlt
SelectObject
GetObjectType
StretchBlt
SetStretchBltMode
CreateDIBSection
CreateDCW
DeleteDC
CreateCompatibleDC
LineTo
CreateBitmap

advapi32

RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegSetValueExW
RegSetValueW
RegEnumKeyExW

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

user32

CreatePopupMenu
RedrawWindow
FindWindowA
TrackPopupMenuEx
ClipCursor
DestroyMenu
GetDesktopWindow

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f20bfdf49eb7ca558fa31d96337141b7

Headers

File Characteristics

Imports

gdiplus

ole32

msimg32

winmm

kernel32

gdi32

advapi32

comctl32

user32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 45KB - Virtual size: 45KB

.rsr Size: 512B - Virtual size: 208KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 45KB - Virtual size: 45KB

.rsr
Size: 512B - Virtual size: 208KB