024b0931dbf65c1001b2408b30a23ab0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

024b0931dbf65c1001b2408b30a23ab0_JaffaCakes118
Size

194KB
MD5

024b0931dbf65c1001b2408b30a23ab0
SHA1

7c0c63b588eb17cea1ee9b4882247ed7f003f555
SHA256

6997b53b45b1a61a03d259a64fe0a8c7c573faa35f0ba3bcf5d41f1a89ed177c
SHA512

c696ef71c070ed423035e27e37e9e8eb651f9809a9557d5e863011212ee68f05a04842ced5efc86e0d112b85d7eb9c7cb6297b7734ff5fbc00973028f955cba0
SSDEEP

3072:q0M0W1RTuubN5AIZPU34kmIUraL4ctE0J74juERh7WlOa9X8:q0M0W1RS0RZPiwdR0JORhSca9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
024b0931dbf65c1001b2408b30a23ab0_JaffaCakes118

Files

024b0931dbf65c1001b2408b30a23ab0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26971851ea8ede5ed777550309889fd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringLen
SafeArrayPtrOfIndex
SafeArrayGetElement
SysAllocStringLen
SysFreeString
OleLoadPicture

comctl32

ImageList_Remove
ImageList_Draw
ImageList_Destroy
ImageList_Add
ImageList_Read
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Write
ImageList_Create
ImageList_DrawEx

advapi32

RegQueryValueA

comdlg32

ChooseColorA
FindTextA
GetSaveFileNameA
GetOpenFileNameA

ole32

CreateBindCtx
CoFreeUnusedLibraries
CoDisconnectObject
CoUninitialize
StringFromIID
CoRevokeClassObject
CoUnmarshalInterface
CoRegisterClassObject
CoGetMalloc
CoGetObjectContext

kernel32

ExitThread
IsBadReadPtr
GetModuleHandleW
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetVersionExA
LoadLibraryA
GetCommandLineA
LoadLibraryExA
lstrlenA
ExitProcess

Sections

CODE
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res3
Size: 512B - Virtual size: 429B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res8
Size: 1KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res4
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res1
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26971851ea8ede5ed777550309889fd5

Headers

File Characteristics

Imports

oleaut32

comctl32

advapi32

comdlg32

ole32

kernel32

Sections

CODE Size: 59KB - Virtual size: 58KB

.data Size: 1KB - Virtual size: 1KB

.res3 Size: 512B - Virtual size: 429B

.res8 Size: 1KB - Virtual size: 93KB

.res4 Size: 16KB - Virtual size: 15KB

.res1 Size: 113KB - Virtual size: 112KB

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 59KB - Virtual size: 58KB

.data
Size: 1KB - Virtual size: 1KB

.res3
Size: 512B - Virtual size: 429B

.res8
Size: 1KB - Virtual size: 93KB

.res4
Size: 16KB - Virtual size: 15KB

.res1
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 1KB - Virtual size: 1KB