03ff7e9e3b5cba002b2b37c3c771b0fa_JaffaCakes118

General

Target

03ff7e9e3b5cba002b2b37c3c771b0fa_JaffaCakes118
Size

187KB
MD5

03ff7e9e3b5cba002b2b37c3c771b0fa
SHA1

b0f19500477063370850052408d09256d544ad53
SHA256

c9b0ce916518d8273a5ef773d3c67a7153c0cdc10136e66b4be3fa62dafa67b9
SHA512

70fabd0a3a6b52c05dac29a2c5fc331c5ea9a9cdd8d9284f823e336c51ae6a5063f438d8b38b55459b6e58d3eabf5f01eee4b66010db9d7406efc9651eaeb542
SSDEEP

3072:AV1jDQl+Z8H2TkGaE+h5K+tjo2SCZ5XN4s8wV5772qJN9XRpyGLaCDrfhy5uKVV8:VIPIEcnN4AV577jX9BpyODrfhy5pV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ff7e9e3b5cba002b2b37c3c771b0fa_JaffaCakes118

Files

03ff7e9e3b5cba002b2b37c3c771b0fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fe4ce6ac70db648c8f81c42bed53090

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

user32

FindWindowA
RedrawWindow
DestroyMenu
ClipCursor
TrackPopupMenuEx
CreatePopupMenu
GetDesktopWindow

kernel32

GetHandleInformation
LoadLibraryW
TransmitCommChar
GetVersionExA
EnumResourceNamesW
ExitProcess
ExitProcess
LocalAlloc
LocalFree
GetModuleFileNameA

msimg32

AlphaBlend
TransparentBlt

winmm

timeGetTime

gdiplus

GdipGetImageWidth
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipDisposeImage

gdi32

GetObjectType
BitBlt
CreateDIBSection
StretchBlt
SetStretchBltMode
DeleteDC
CreateCompatibleDC
CreateDCW
SelectObject
CreatePen
LineTo
CreateBitmap

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoCreateInstance

advapi32

RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegCreateKeyW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegEnumKeyExW

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fe4ce6ac70db648c8f81c42bed53090

Headers

File Characteristics

Imports

comctl32

user32

kernel32

msimg32

winmm

gdiplus

gdi32

ole32

advapi32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 45KB - Virtual size: 44KB

.rsr Size: 512B - Virtual size: 80KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 45KB - Virtual size: 44KB

.rsr
Size: 512B - Virtual size: 80KB