0036512291f0699978201163143429cb_JaffaCakes118

General

Target

0036512291f0699978201163143429cb_JaffaCakes118
Size

173KB
MD5

0036512291f0699978201163143429cb
SHA1

eb685d4349829bee5a803fd812444b2a6625e1be
SHA256

05da1eb05eefb06941846f75546bfb39555b4384599351fcffcb37066d08e9b0
SHA512

4742a398be58969efc51d76ca8c3f1ba419adc7f5caf46a00cd9ca743d82a2c50b1b3aa9b97fe392559c75cc25469ec7bd5218bda2d1bb242e685b9899804c99
SSDEEP

3072:Illr5dDrJPqyFPkVXcMfB/x1ZuxPhbMc4IyRuE5yzBO0wvYu/i2IDRToy:IlhPDrJrlkiMp/DZuU3V5y4ji/Jo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0036512291f0699978201163143429cb_JaffaCakes118

Files

0036512291f0699978201163143429cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0061ea15f1ebec3c8f0b4d0e670cc2ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance

kernel32

GetConsoleProcessList
ExitProcess
TransmitCommChar
LocalFree
EnumResourceNamesW
ExitProcess
LoadLibraryW
GetVersionExA
LocalAlloc
GetModuleFileNameA

advapi32

RegQueryValueExW
RegSetValueW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyW
RegEnumKeyExW

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

winmm

timeGetTime

user32

RedrawWindow
CreatePopupMenu
TrackPopupMenuEx
DestroyMenu
FindWindowA
ClipCursor
GetDesktopWindow

gdi32

CreateDCW
CreateCompatibleDC
SetStretchBltMode
GetObjectType
StretchBlt
LineTo
CreateDIBSection
CreatePen
SelectObject
DeleteDC
BitBlt
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipGetImageWidth
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipDisposeImage

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0061ea15f1ebec3c8f0b4d0e670cc2ea

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

comctl32

winmm

user32

gdi32

msimg32

gdiplus

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 39KB - Virtual size: 38KB

.rsr Size: 512B - Virtual size: 208KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 39KB - Virtual size: 38KB

.rsr
Size: 512B - Virtual size: 208KB