00864c25a1b6a3322e974c5e15c88361_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00864c25a1b6a3322e974c5e15c88361_JaffaCakes118
Size

180KB
MD5

00864c25a1b6a3322e974c5e15c88361
SHA1

e9e483b334a9708cf544a5f29a2ff581913862f7
SHA256

c5d55de6b1f89d6ab1e3b7e9d6668cec8c355106b2a30015f28dcea4b847e9fc
SHA512

57398fcfec17aaa7be4b697baf978d50919f7e30aa1aef70418e4bcd0638d4ef2f04939630caf28e4dc9055aa7bc886ffd7251eef209990ea3265e6d38f08099
SSDEEP

3072:xmDlKeP3pUazgMS/Ojzn44EiCBfPvCQQ9oxM75pTqVZCtem8THFPS9Kzw04gziD8:xmDlKWrTS/Oj048f/soG7nTq/8em8DpL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00864c25a1b6a3322e974c5e15c88361_JaffaCakes118

Files

00864c25a1b6a3322e974c5e15c88361_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8722db7b0e5efe98c42bd02924d8d490

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance

user32

CreatePopupMenu
GetFocus
SetWindowPos
SetCursor
GetDesktopWindow
ClipCursor
DestroyMenu
TrackPopupMenuEx
EnableWindow
FindWindowA
InvalidateRect
LoadCursorW
RedrawWindow
SetParent
IsWindow
PtInRect

winmm

timeGetTime

gdi32

DeleteDC
LineTo
CreateDIBSection
CreateCompatibleDC
SelectObject
CreatePen
StretchBlt
BitBlt
SetStretchBltMode
GetObjectType
CreateDCW
CreateBitmap

kernel32

CreateFileW
DisableThreadLibraryCalls
WaitCommEvent
GetVersionExA
WaitCommEvent
GlobalAlloc
GetFullPathNameW
GlobalLock
GetSystemTimeAsFileTime
ReadFile
CloseHandle
GetTickCount
EnumResourceNamesW
GetCurrentThreadId
ExitProcess
GetModuleFileNameA
LoadLibraryW
GetCurrentProcessId
ExitProcess
LocalFree
LocalAlloc
GlobalUnlock

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipDisposeImage

advapi32

RegSetValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegEnumKeyExW

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8722db7b0e5efe98c42bd02924d8d490

Headers

File Characteristics

Imports

ole32

user32

winmm

gdi32

kernel32

gdiplus

advapi32

msimg32

comctl32

Sections

.text Size: 135KB - Virtual size: 134KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 41KB - Virtual size: 40KB

.rsr Size: 512B - Virtual size: 212KB

.text
Size: 135KB - Virtual size: 134KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 41KB - Virtual size: 40KB

.rsr
Size: 512B - Virtual size: 212KB