a2dad7aac77a866b41b0102bb48a9ceb_JaffaCakes118

General

Target

a2dad7aac77a866b41b0102bb48a9ceb_JaffaCakes118
Size

179KB
MD5

a2dad7aac77a866b41b0102bb48a9ceb
SHA1

89b2c69f4d80703d243a456b435e0d6700f99bef
SHA256

95adab0645f60e88a35577a21c12a9c3efb08a3650d5d44775779082973184fd
SHA512

72334f4e16870eba5d2c112fe8c46d8b6fd15865c3e2a4b120c72ea177fbc1923c2b5f867777d12e0f8276e1edadc228455ca99f234f1b804893788d9dd12aa4
SSDEEP

3072:jSN+bYCOa5GfawfuMW2dObXUBDoeoaSte1xYsgUtv/nD+HpA8Pw9:ZbYCOa5GfawXOrUB0ehwegUtb+JA8Pw9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2dad7aac77a866b41b0102bb48a9ceb_JaffaCakes118

Files

a2dad7aac77a866b41b0102bb48a9ceb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

deafbcce50703e06acbc6a96ac1cc543

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

comctl32

ImageList_Add
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Read
ImageList_DrawEx

kernel32

VirtualAllocEx
LocalReAlloc
LocalFree
VirtualAlloc
GetCurrentProcess
GlobalAlloc
ExitProcess
GetModuleHandleA
GetOEMCP
LocalAlloc

gdi32

GetTextColor
CreatePalette
GetPixel
GetBitmapBits
SelectPalette

shlwapi

SHQueryValueExA
SHStrDupA

advapi32

GetLengthSid
RegEnumValueA

user32

GetFocus
wsprintfA
GetDesktopWindow
GetForegroundWindow

shell32

SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetDiskFreeSpaceA
SHFileOperationA

Exports

Exports

_OtM@8

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deafbcce50703e06acbc6a96ac1cc543

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

shlwapi

advapi32

user32

shell32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 141KB - Virtual size: 213KB

tls Size: 2KB - Virtual size: 1KB

rdata Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 141KB - Virtual size: 213KB

tls
Size: 2KB - Virtual size: 1KB

rdata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB