0362aff214e18429504ce3e51e2d00ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0362aff214e18429504ce3e51e2d00ec_JaffaCakes118
Size

184KB
MD5

0362aff214e18429504ce3e51e2d00ec
SHA1

82dc3d7346c5f39fd57eb6e89a03b01477003027
SHA256

f7a62ef5358586c9e6ef08b35ee0c2451b788628da8d9259d3ae2e78f096d574
SHA512

80eb5affefc59b80b3944ba8397956e9f57f110c3624fe0802724f3557a16f2ebcda4afa36e0994a03ab25d8f52da55128efd48e9a7c57249e34e7bb42abfb28
SSDEEP

3072:u2eAsj+H4k1AAP56l6LUOA43xtsWZ5QI0iAsx5cqF:GAsa9AA46LXVZ7As

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0362aff214e18429504ce3e51e2d00ec_JaffaCakes118

Files

0362aff214e18429504ce3e51e2d00ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fed435d475e783da202b055210c2884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

user32

CallNextHookEx
AdjustWindowRectEx
BeginPaint

gdi32

SelectPalette
GetBitmapBits
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
GetDCOrgEx
CreateBrushIndirect
CreateDIBitmap
GetPixel

ole32

CoFreeUnusedLibraries
CreateBindCtx

advapi32

RegLoadKeyA
GetUserNameA
RegCreateKeyExA

shell32

SHGetDiskFreeSpaceA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetFolderPathA
SHGetDesktopFolder

comctl32

ImageList_Remove
ImageList_Destroy
ImageList_Read
ImageList_Write
ImageList_Create
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Add
ImageList_Draw

shlwapi

SHGetValueA
SHQueryValueExA
SHSetValueA
PathIsContentTypeA

kernel32

GetOEMCP
LoadLibraryA
IsBadHugeReadPtr
GetThreadLocale
lstrcpynA
CloseHandle
GetFullPathNameA
GetCommandLineA
ExitThread
GetModuleHandleW
GetStringTypeW
MulDiv
EnterCriticalSection
GetCommandLineW
GetLocalTime
GetACP
HeapFree
GetModuleHandleA
GetVersionExA
GetFileSize
GetLastError
GetCurrentProcessId
GlobalAddAtomA
CreateFileA
GetProcAddress
VirtualAllocEx
Sleep
GetEnvironmentStrings
GetVersion
SetThreadLocale
ExitProcess

Sections

CODE
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fed435d475e783da202b055210c2884

Headers

File Characteristics

Imports

comdlg32

user32

gdi32

ole32

advapi32

shell32

comctl32

shlwapi

kernel32

Sections

CODE Size: 43KB - Virtual size: 43KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 7KB - Virtual size: 7KB

.bdata Size: 2KB - Virtual size: 1KB

.hdata Size: 124KB - Virtual size: 123KB

.adata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 884B

CODE
Size: 43KB - Virtual size: 43KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 7KB - Virtual size: 7KB

.bdata
Size: 2KB - Virtual size: 1KB

.hdata
Size: 124KB - Virtual size: 123KB

.adata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 884B