00ce4f91835f9e975c8566fc780d8d19_JaffaCakes118

General

Target

00ce4f91835f9e975c8566fc780d8d19_JaffaCakes118
Size

178KB
MD5

00ce4f91835f9e975c8566fc780d8d19
SHA1

79084204ab34fdc9ada2b350eb1dd5df1920bc69
SHA256

19bcd1c6bb5e8c8b216338f4d7f41a73c134f0b5df0fc5e2acbfbe6b66c06709
SHA512

3b26ff262050ab64d076e4ea7195bb6583eacf19128a0423d74cfa7ea225b9dd179db9bfd529c4438b6cfb77a1a77a79eb609f9f194fb48d54b4bfc49f812554
SSDEEP

3072:99HsMUKkodW/nm9ey5gY77KMDrosL1fSOMH6rVC7UCD/AQNdgwJCD:99H31If25f7BDMaEOMHSC4Csh1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00ce4f91835f9e975c8566fc780d8d19_JaffaCakes118

Files

00ce4f91835f9e975c8566fc780d8d19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

975b7c3f7e533ac0b5e8ad8c32f9c5ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCurrentPositionEx
GetObjectA
CreateDIBSection
SelectPalette

kernel32

VirtualAllocEx
GetACP
GetVersionExA
WideCharToMultiByte
WriteFile
LocalReAlloc
GetModuleFileNameA
ExitProcess
VirtualAlloc
FreeResource
GetLastError
GetProcAddress
GlobalAlloc
MoveFileA
LockResource
LocalFree
GetStringTypeW
GetDiskFreeSpaceA
GetModuleHandleA

comdlg32

GetFileTitleA
ChooseColorA
FindTextA
GetOpenFileNameA

version

VerQueryValueA
VerFindFileA

user32

GetTopWindow
CharLowerA
DefWindowProcA
GetDCEx
IntersectRect
ActivateKeyboardLayout
ShowOwnedPopups
PeekMessageA
BeginPaint
SetTimer
SetWindowPos
GetWindowPlacement
GetActiveWindow
GetSysColorBrush
IsWindowVisible
GetKeyboardType
FindWindowA
MapWindowPoints
CharNextW
GetLastActivePopup
SetActiveWindow
IsWindowUnicode
LoadStringA

ole32

CoFreeUnusedLibraries
OleCreateStaticFromData
CoCreateInstanceEx
PropVariantClear
CoUnmarshalInterface
MkParseDisplayName
CoReleaseMarshalData
OleRegGetUserType

comctl32

ImageList_Add

shell32

SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 135KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

975b7c3f7e533ac0b5e8ad8c32f9c5ea

Headers

File Characteristics

Imports

gdi32

kernel32

comdlg32

version

user32

ole32

comctl32

shell32

Sections

.text Size: 36KB - Virtual size: 36KB

.tls Size: 135KB - Virtual size: 223KB

DATA Size: 4KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 36KB

.tls
Size: 135KB - Virtual size: 223KB

DATA
Size: 4KB - Virtual size: 4KB