c0ca9b89e9d6add7d5340254ec46b2b0_JaffaCakes118

General

Target

c0ca9b89e9d6add7d5340254ec46b2b0_JaffaCakes118
Size

249KB
MD5

c0ca9b89e9d6add7d5340254ec46b2b0
SHA1

b8913806ba2e01b9d5f1696e717f6499639d25ca
SHA256

7d1312703e20bdc8cc014ffb6a40a03aeebb932c833b3f25bcab4d50a6cc4ed4
SHA512

070f7c8f09f080d3451ad0f68915e0faec1fb7b05c601783a39ed11d6e1e97e00759e0894c31d8eda98d37ec7d414c49d2e763e7dca82188b0eac8221287df63
SSDEEP

3072:YeQCcMbKfIoXF42rRsHc9uS3FzQADc/i+2oLB64ElybiqXa+p4gCSS:vQCcMSnRsHc3OH2uB64yybpqBg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0ca9b89e9d6add7d5340254ec46b2b0_JaffaCakes118

Files

c0ca9b89e9d6add7d5340254ec46b2b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e53ecfbc8e5a4f5a4fa850d4d6a6898

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
EnterCriticalSection
EnumCalendarInfoA
ExpandEnvironmentStringsA
GetFileAttributesW
GetFileSize
GetTimeZoneInformation
OutputDebugStringA
SetEndOfFile
SizeofResource

user32

CallWindowProcA
DispatchMessageA
EnableMenuItem
GetDlgItem
GetParent
GetWindowLongA
GetWindowTextA
InvalidateRect
IsWindow
IsWindowVisible
KillTimer
LoadCursorA
MessageBoxA
ReleaseDC
SendMessageA
SetWindowPos
SystemParametersInfoA
UpdateWindow

gdi32

ExcludeClipRect
GetViewportExtEx
OffsetViewportOrgEx
SelectClipRgn
SetBkColor
SetBkMode
SetStretchBltMode
SetTextColor

shell32

CommandLineToArgvW
ExtractIconExA
ExtractIconExW
SHAddToRecentDocs
SHBindToParent
SHGetFolderPathA
SHGetSpecialFolderPathW

comctl32

CreateToolbarEx
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Draw
ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_Write
PropertySheetA

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ardata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e53ecfbc8e5a4f5a4fa850d4d6a6898

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 82KB

.rsrc Size: 22KB - Virtual size: 140KB

.ardata Size: 60KB - Virtual size: 60KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 22KB - Virtual size: 140KB

.ardata
Size: 60KB - Virtual size: 60KB