f0443ddd9c80393e4d7e55c5d392f48c_JaffaCakes118

General

Target

f0443ddd9c80393e4d7e55c5d392f48c_JaffaCakes118
Size

122KB
MD5

f0443ddd9c80393e4d7e55c5d392f48c
SHA1

2b04f4430cd84b9b5a84499ba38a1e98aba6cf66
SHA256

247fa4cd1da4fccdab4400baf40efae66cc1e2d2887e11e83d75d79da65b9808
SHA512

455de1d6a9256dd5ef0053261416d4cf6edff0004163baec1022927386d179350977607ab39955c5c9540257cd96dd2fba39071fa569e4ec5468c599c407716d
SSDEEP

1536:L7CmdO9kKqgVwFP6263aZpQHgs2Dq51TeclusmAh7OQPjy:Lq9kKTOJXZpQHH55hJmFQPO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0443ddd9c80393e4d7e55c5d392f48c_JaffaCakes118

Files

f0443ddd9c80393e4d7e55c5d392f48c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fe3532f23aeaf953a4d5d8cefb905c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
GetMenuState
SetForegroundWindow
GetClipboardData
GetParent
GetMenuItemID
IsWindowEnabled
IsChild
RemoveMenu
GetKeyboardState
DrawIcon
DispatchMessageA
GetActiveWindow
PeekMessageW
SetMenu
ActivateKeyboardLayout
GetLastActivePopup
SetFocus
DeleteMenu
GetDesktopWindow
SetWindowPos
BeginPaint
GetCursor
SetWindowLongW
GetMessagePos
ShowOwnedPopups
SetTimer
MsgWaitForMultipleObjects
GetClientRect

gdi32

CreateDIBSection
RestoreDC
CreateBrushIndirect
CreateBitmap
GetBitmapBits

advapi32

RegOpenKeyExA

shell32

SHFileOperationA
SHGetSpecialFolderLocation
Shell_NotifyIconA
SHGetDiskFreeSpaceA

version

GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA

kernel32

GlobalFindAtomA
GetProcessHeap
ExitThread
DeleteCriticalSection
GetCommandLineA
SetEvent
MoveFileA
VirtualAlloc
EnumCalendarInfoA
GetLastError
SetErrorMode
LocalAlloc
lstrlenA
VirtualAllocEx
GetModuleHandleA
GetProcAddress
GetACP
LocalReAlloc

comdlg32

FindTextA
GetSaveFileNameA
GetOpenFileNameA

oleaut32

RegisterTypeLib
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayCreate

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fe3532f23aeaf953a4d5d8cefb905c9

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shell32

version

kernel32

comdlg32

oleaut32

Sections

.text Size: 35KB - Virtual size: 35KB

.idata Size: 81KB - Virtual size: 80KB

.edata Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 35KB

.idata
Size: 81KB - Virtual size: 80KB

.edata
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB