00f4eef0a80ae9c198834ac90891b776_JaffaCakes118

General

Target

00f4eef0a80ae9c198834ac90891b776_JaffaCakes118
Size

179KB
MD5

00f4eef0a80ae9c198834ac90891b776
SHA1

7779ff385fdcbae15d512142710725f1badae9a9
SHA256

861a93bb9b067c290153b787cb05d1fd2ba6224a0b9c207b9981e3ab632a327d
SHA512

fdea28201942d05d3575bfa1799c06ec7f8da0d53b61ffe566bf28d9b6cdff0ccab9596b80bb838135d08ba33fe08e5bd414f83d48405d6d94c205a384dfad37
SSDEEP

3072:jB4KI806kxrR7O1LJ3RSHPrLJDbB2U4ICsJ3tiipHmGXHgAo0J8AbN06aXyTNnx:jB4x6kxrRSdgLVQU4pW9UGXAAvvR0hXu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00f4eef0a80ae9c198834ac90891b776_JaffaCakes118

Files

00f4eef0a80ae9c198834ac90891b776_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6612e8080b2f834796465f362269e50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

winmm

timeGetTime

msimg32

AlphaBlend
TransparentBlt

kernel32

GetConsoleProcessList
ExitProcess
TransmitCommChar
LocalFree
EnumResourceNamesW
ExitProcess
LocalAlloc
GetVersionExA
LoadLibraryW
GetModuleFileNameA

ole32

CoUninitialize
CoInitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance

gdiplus

GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageWidth
GdipDisposeImage

advapi32

RegOpenKeyExW
RegSetValueW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegCreateKeyW
RegQueryValueExW
RegEnumKeyExW

gdi32

LineTo
StretchBlt
CreateDCW
CreateDIBSection
GetObjectType
CreateCompatibleDC
BitBlt
SetStretchBltMode
SelectObject
DeleteDC
CreatePen
CreateBitmap

user32

CreatePopupMenu
TrackPopupMenuEx
ClipCursor
RedrawWindow
DestroyMenu
FindWindowA
GetDesktopWindow

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6612e8080b2f834796465f362269e50

Headers

File Characteristics

Imports

comctl32

winmm

msimg32

kernel32

ole32

gdiplus

advapi32

gdi32

user32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 43KB - Virtual size: 43KB

.rsr Size: 512B - Virtual size: 216KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 43KB - Virtual size: 43KB

.rsr
Size: 512B - Virtual size: 216KB