6742b65bc8669c534845203df2cb7cd7_JaffaCakes118

General

Target

6742b65bc8669c534845203df2cb7cd7_JaffaCakes118
Size

138KB
MD5

6742b65bc8669c534845203df2cb7cd7
SHA1

9385e2cdbf03d53c00eb93b24e2487a5475c033a
SHA256

0309b2a237d93f28ab276e68c1664b32e9826426c6073e975e3ccc40659bf86e
SHA512

427ed8ba4f16b7e1cb174e0d862a3e65d7e8f4f7eb197198be0bd167ff08ec88a8c3ab2f38bdecd6cf855ac200123aac52182f7d867f3c1526328f012285cf30
SSDEEP

3072:Qcf9Fv2dkGQW+m0fJQSSyMJ1qDp67lzgl0G7JXXciUjoS0QY08BvL:QsedkPW9XvJ1i67vGBVUjMQD8N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6742b65bc8669c534845203df2cb7cd7_JaffaCakes118

Files

6742b65bc8669c534845203df2cb7cd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9a8edcceb728df2788a324fcbc09db9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
GetSaveFileNameA
FindTextA
GetFileTitleA
GetOpenFileNameA

kernel32

WriteFile
GlobalDeleteAtom
GetThreadLocale
lstrcpynA
FindFirstFileA
lstrcpyA
ReadFile
FindResourceA
GetCurrentThreadId
ExitThread
GetEnvironmentStrings
GetFullPathNameA
GetProcAddress
ExitProcess
GetFileAttributesA
lstrcmpiA
GlobalAddAtomA
VirtualAllocEx
FindClose
GetFileSize
CompareStringA
WideCharToMultiByte
IsBadReadPtr

user32

UpdateWindow
wsprintfA
GetDlgItem
CharLowerA
CharUpperA
GetSystemMetrics
GetParent
GetCapture
GetMenu
WaitMessage
WindowFromPoint

gdi32

SetTextColor
BitBlt
CreateBitmap
GetTextAlign
GetBkColor

ole32

CoGetContextToken
CreateOleAdviseHolder
GetHGlobalFromStream
CoRevokeClassObject
CLSIDFromProgID
OleRun
CoGetObjectContext
PropVariantClear
CoUninitialize
CoGetMalloc

Exports

Exports

_hc_IYZ1N
0NgyqVdOgx64I
RuZomFrate8Dr
vTzxR4
_YxfIJhBR40_TJ

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9a8edcceb728df2788a324fcbc09db9

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 110KB

.data Size: 122KB - Virtual size: 122KB

.rsrc Size: 1024B - Virtual size: 1004B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 110KB

.data
Size: 122KB - Virtual size: 122KB

.rsrc
Size: 1024B - Virtual size: 1004B