8a68deb108e725578b7f62964b2c0343_JaffaCakes118

General

Target

8a68deb108e725578b7f62964b2c0343_JaffaCakes118
Size

169KB
MD5

8a68deb108e725578b7f62964b2c0343
SHA1

35652340bc2730b4eb4f7f197adb278ce913dd01
SHA256

5960a2aa2a0470bd8da0eeb28f48b2278c3e316130a12c69ca6059bd59f48d85
SHA512

15f9d7dac45907de91773d049b0969612428d1112f16d4099876bdfd8627d9d6b8059dce22fd94a890d541b42b00d3c0fdf2cef6f79c8a736d48135e00724cbf
SSDEEP

3072:PxjNw+ZpRmTVBR2IFBQKzqocEah4jG3olzhbqjtsccsJ:Ju+Zn8VBYCbIIQCzhmRsccs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a68deb108e725578b7f62964b2c0343_JaffaCakes118

Files

8a68deb108e725578b7f62964b2c0343_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fefeb955f64c5276df018addaf92fe89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

ClipCursor
FindWindowA
RedrawWindow
TrackPopupMenuEx
DestroyMenu
CreatePopupMenu
GetDesktopWindow

advapi32

RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegSetValueW
RegCreateKeyW
RegCloseKey
RegEnumKeyExW

kernel32

GetEnvironmentStringsW
LocalFree
TransmitCommChar
ExitProcess
EnumResourceNamesW
ExitProcess
GetVersionExA
LocalAlloc
LoadLibraryW
GetModuleFileNameA

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

gdi32

BitBlt
CreateCompatibleDC
SetStretchBltMode
StretchBlt
CreateDIBSection
SelectObject
LineTo
CreatePen
CreateDCW
GetObjectType
DeleteDC
CreateBitmap

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance

gdiplus

GdipGetImageWidth
GdipGetImagePixelFormat
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDisposeImage

winmm

timeGetTime

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fefeb955f64c5276df018addaf92fe89

Headers

File Characteristics

Imports

msimg32

user32

advapi32

kernel32

comctl32

gdi32

ole32

gdiplus

winmm

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 47KB - Virtual size: 47KB

.rsr Size: 512B - Virtual size: 212KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 47KB - Virtual size: 47KB

.rsr
Size: 512B - Virtual size: 212KB