0a1adaf0785cc8d09181139b09d1bcde_JaffaCakes118

General

Target

0a1adaf0785cc8d09181139b09d1bcde_JaffaCakes118
Size

187KB
MD5

0a1adaf0785cc8d09181139b09d1bcde
SHA1

2f4124441a61a38251899cdf1b26001a6280e89b
SHA256

24600729e772a399779289fd1d34193889ae3810e3ce78d0dc0877a82b91080a
SHA512

2ad60710f473cbb43c3d970448988dde95dbec735bdf1141067d4e694d6d53b6251d658e0130b14d193f460ac47fa8a5ba3f82e5bd0e783634ea2985c2be1e11
SSDEEP

3072:xVI6HZBDQTJ/z4gpKR43fzpjvtVicqZwe+DQt4Rdg7Vsrw3Pp6tO9prF7bGxi3T4:XHnZ87dvecGweGQfs0Pgt+rFbD6vc8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a1adaf0785cc8d09181139b09d1bcde_JaffaCakes118

Files

0a1adaf0785cc8d09181139b09d1bcde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36fc6fe13128c6d177285b611ac9ade4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

msimg32

AlphaBlend
TransparentBlt

gdi32

SelectObject
LineTo
CreateDCW
CreateDIBSection
CreateCompatibleDC
BitBlt
GetObjectType
StretchBlt
DeleteDC
CreatePen
SetStretchBltMode
CreateBitmap

kernel32

GetEnvironmentStringsW
LocalFree
WaitCommEvent
LocalAlloc
EnumResourceNamesW
ExitProcess
GetVersionExA
LoadLibraryW
ExitProcess
GetModuleFileNameA

user32

CreatePopupMenu
FindWindowA
TrackPopupMenuEx
RedrawWindow
DestroyMenu
ClipCursor
GetDesktopWindow

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage

advapi32

RegSetValueExW
RegCloseKey
RegSetValueW
RegCreateKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW

ole32

CoFreeUnusedLibraries
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36fc6fe13128c6d177285b611ac9ade4

Headers

File Characteristics

Imports

winmm

msimg32

gdi32

kernel32

user32

comctl32

gdiplus

advapi32

ole32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 44KB - Virtual size: 44KB

.rsr Size: 512B - Virtual size: 80KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 44KB - Virtual size: 44KB

.rsr
Size: 512B - Virtual size: 80KB