efc28e31c96ab17353d6568cd9669c91_JaffaCakes118

General

Target

efc28e31c96ab17353d6568cd9669c91_JaffaCakes118
Size

162KB
MD5

efc28e31c96ab17353d6568cd9669c91
SHA1

2342155bfc23bf18cf210dace4b43b0323d006c8
SHA256

04058d84be46451b55324058d0fab36d5424ee7fec34f6b3f6e6fe68df04b9d8
SHA512

83bc1abb3f275a1a7964faa8f9a705c01d3e8d9e6491c42d741d3b7a41cda71acd77cf09337fae1f9d4b1568d38b50b29fe3f96ae64a3b56f09c7466105afc3f
SSDEEP

3072:Z41tESyl/u/0dpgYslgR3ppxIG9/xp2A5ffZUP9KMX0PxlAb+6TW:ZaHN/AgnMZzFj2M3ZO9rEPxlFd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efc28e31c96ab17353d6568cd9669c91_JaffaCakes118

Files

efc28e31c96ab17353d6568cd9669c91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

171a44cad4fb9c367f08f5ac44cc56f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoCreateInstance

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegSetValueW
RegCreateKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW

gdiplus

GdipGetImageWidth
GdipGetImagePixelFormat
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDisposeImage

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

winmm

timeGetTime

gdi32

CreateCompatibleDC
DeleteDC
CreatePen
LineTo
StretchBlt
BitBlt
SelectObject
CreateDCW
GetObjectType
SetStretchBltMode
CreateDIBSection
CreateBitmap

kernel32

WaitCommEvent
GetCurrentThreadId
GetTickCount
WaitCommEvent
GetModuleFileNameA
ExitProcess
EnumResourceNamesW
GetSystemTimeAsFileTime
GetVersionExA
ExitProcess
LocalAlloc
LoadLibraryW
LocalFree
DisableThreadLibraryCalls

user32

FindWindowA
CreatePopupMenu
GetFocus
GetDesktopWindow
ClipCursor
DestroyMenu
RedrawWindow
TrackPopupMenuEx
InvalidateRect

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

171a44cad4fb9c367f08f5ac44cc56f5

Headers

File Characteristics

Imports

ole32

advapi32

gdiplus

comctl32

winmm

gdi32

kernel32

user32

msimg32

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 40KB - Virtual size: 39KB

.rsr Size: 512B - Virtual size: 64KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 40KB - Virtual size: 39KB

.rsr
Size: 512B - Virtual size: 64KB