00c2acd4c3dabcfffbc4bf71afb1fdc6_JaffaCakes118

General

Target

00c2acd4c3dabcfffbc4bf71afb1fdc6_JaffaCakes118
Size

170KB
MD5

00c2acd4c3dabcfffbc4bf71afb1fdc6
SHA1

bf97c7fa681f0f952087690ea30a2de7155773a4
SHA256

0a0d1762759764b60e318b09a724fc52d896ed8934b32360866ced920fddc447
SHA512

25e556421b92cc0c20883f9528e6795fe57cc327f2433976277585f20befb0161d297019676e0eda426706c6a9efbf0ef674d09bd1a98e1e5b172a4878e82266
SSDEEP

3072:2+VAM2soBpxeT+dABx90VLrKW97tfwuM8tH59Rk2LWiwWxWRD:5bYBbeTSIYrNVM8F37kR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00c2acd4c3dabcfffbc4bf71afb1fdc6_JaffaCakes118

Files

00c2acd4c3dabcfffbc4bf71afb1fdc6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3aa6a107c7bdef0e6b98a6a4db2b3eb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

winmm

timeGetTime

advapi32

RegDeleteKeyW
RegQueryValueExW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegEnumKeyExW

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance

user32

ClipCursor
FindWindowA
CreatePopupMenu
RedrawWindow
TrackPopupMenuEx
DestroyMenu
GetDesktopWindow

gdiplus

GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipDisposeImage

msimg32

AlphaBlend
TransparentBlt

kernel32

GetHandleInformation
LoadLibraryW
TransmitCommChar
GetVersionExA
EnumResourceNamesW
ExitProcess
LocalFree
LocalAlloc
ExitProcess
GetModuleFileNameA

gdi32

CreateCompatibleDC
StretchBlt
DeleteDC
CreateDIBSection
SetStretchBltMode
SelectObject
BitBlt
CreateDCW
GetObjectType
LineTo
CreatePen
CreateBitmap

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aa6a107c7bdef0e6b98a6a4db2b3eb0

Headers

File Characteristics

Imports

comctl32

winmm

advapi32

ole32

user32

gdiplus

msimg32

kernel32

gdi32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 47KB - Virtual size: 47KB

.rsr Size: 512B - Virtual size: 212KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 47KB - Virtual size: 47KB

.rsr
Size: 512B - Virtual size: 212KB