a3e1066c020e8183b5c814ba6529be45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3e1066c020e8183b5c814ba6529be45_JaffaCakes118
Size

172KB
MD5

a3e1066c020e8183b5c814ba6529be45
SHA1

ae03b30abf407c7ea3c27782416787b2989347d9
SHA256

5f9fffc63170777101351d998f777f9d7dcf5f1d5e1080e5295624c16583884f
SHA512

300248fa3aa62895fccb31bb1e05d2296b07e3849c59d482bfc457de62dd3cec4261cd28d74b64353eb55aeb147000d44795f8f839cb81fb68fd6764ebb5ca29
SSDEEP

3072:hcVpwsry4UMGkp3bBeQGAV7rjKMHPnVFJGOU73Xp7rv/+m1jdDih92chWp8B:hcLRyUGkZ0QDKMH/YOSZ7hDe92w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3e1066c020e8183b5c814ba6529be45_JaffaCakes118

Files

a3e1066c020e8183b5c814ba6529be45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

774f6caa8f0240e1f7fa08eb7e77046a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RedrawWindow
CreatePopupMenu
GetFocus
InvalidateRect
DestroyMenu
GetDesktopWindow
IsWindow
TrackPopupMenuEx
SetWindowPos
ClipCursor
SetParent
SetCursor
EnableWindow
LoadCursorW
PtInRect

gdiplus

GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipDisposeImage

winmm

timeGetTime

kernel32

GetCurrentProcessId
CreateFileW
LocalFree
SetFileAttributesW
WaitCommEvent
GlobalLock
WaitCommEvent
QueryPerformanceCounter
ReadFile
GetModuleFileNameA
InterlockedExchange
CreateDirectoryW
GetACP
EnumResourceNamesW
LoadLibraryW
ExitProcess
GlobalUnlock
GetCurrentThreadId
GetVersionExA
GetTickCount
OutputDebugStringW
CopyFileW
GetSystemTimeAsFileTime
GetFullPathNameW
DisableThreadLibraryCalls
ExitProcess
LocalAlloc
CloseHandle
GlobalAlloc
GetLastError
GetLocaleInfoA

gdi32

BitBlt
CreatePen
DeleteDC
CreateDIBSection
SetStretchBltMode
StretchBlt
CreateCompatibleDC
CreateDCW
GetObjectType
LineTo
SelectObject
CreateBitmap

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoCreateInstance

advapi32

RegSetValueW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyW
RegEnumKeyExW

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

774f6caa8f0240e1f7fa08eb7e77046a

Headers

File Characteristics

Imports

user32

gdiplus

winmm

kernel32

gdi32

ole32

advapi32

comctl32

msimg32

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 49KB - Virtual size: 49KB

.rsr Size: 512B - Virtual size: 340KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 49KB - Virtual size: 49KB

.rsr
Size: 512B - Virtual size: 340KB