01413764b63ad78542bb7931dcc09ec6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01413764b63ad78542bb7931dcc09ec6_JaffaCakes118
Size

193KB
MD5

01413764b63ad78542bb7931dcc09ec6
SHA1

1825de7136adb95e1043cbc94ed55eee253df6d2
SHA256

c9a95fcf8e0826ac3b61c3c5c423a76d64a3ace7872f7e41afafa28fbe20a792
SHA512

31c7891e2c31b81164f0f32ad972772dfd38777de258227e79b6f7b75c8996170be078a83b9aaca7cc3a3152c6e4bbf845d224a07baee7546916e02f744da3bc
SSDEEP

6144:9eabgHALrbyXVs84fGVmDxjPskJ0UBJSD:sabCALr2XVsEmJPBWGgD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01413764b63ad78542bb7931dcc09ec6_JaffaCakes118

Files

01413764b63ad78542bb7931dcc09ec6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07b7bccfa643eba18e7a38752d870275

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ChooseColorA
GetFileTitleA
FindTextA
GetSaveFileNameA

version

VerFindFileA
VerInstallFileA

msvcrt

exit
sin
time
wcschr
memset

kernel32

GetProcAddress
VirtualAllocEx
GlobalAlloc
GetVersionExA
lstrlenA
GetCommandLineA
GetLastError
GetModuleHandleA
ExitProcess
IsBadReadPtr
GetCommandLineW
LoadLibraryA
LoadLibraryExA
ExitThread

ole32

CoUnmarshalInterface
CoUninitialize
CoDisconnectObject
CoGetMalloc
CoFreeUnusedLibraries
CoGetObjectContext
CoRegisterClassObject
CreateBindCtx
StringFromIID
CoRevokeClassObject

oleaut32

SysStringLen
OleLoadPicture
SafeArrayUnaccessData
SafeArrayCreate
SysFreeString
SysReAllocStringLen

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res9
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res3
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res0
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res8
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07b7bccfa643eba18e7a38752d870275

Headers

File Characteristics

Imports

comdlg32

version

msvcrt

kernel32

ole32

oleaut32

Sections

.text Size: 170KB - Virtual size: 169KB

DATA Size: 1KB - Virtual size: 1KB

.res9 Size: 1KB - Virtual size: 1KB

.res3 Size: 512B - Virtual size: 398B

.res0 Size: 14KB - Virtual size: 14KB

.res8 Size: 512B - Virtual size: 92KB

.res4 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 170KB - Virtual size: 169KB

DATA
Size: 1KB - Virtual size: 1KB

.res9
Size: 1KB - Virtual size: 1KB

.res3
Size: 512B - Virtual size: 398B

.res0
Size: 14KB - Virtual size: 14KB

.res8
Size: 512B - Virtual size: 92KB

.res4
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1024B