0f0186a4470c8f0137fa89903fbe4203_JaffaCakes118

General

Target

0f0186a4470c8f0137fa89903fbe4203_JaffaCakes118
Size

196KB
MD5

0f0186a4470c8f0137fa89903fbe4203
SHA1

95cc94a42c0813ee988f2026716605175d2b4d0e
SHA256

c9f048b492838f1af44c8bd735f4dfd19317c2b465e4de82e27e108b2f5bff0a
SHA512

b1127ff6bc38038910364196c4e5f55461d51b5eb6780c782819174ae4c02a2c8eb102ac0ab5d3c9cbaba8f7729f8c416f116157b87ebc899d5bb736e7545b20
SSDEEP

3072:d3CBjDgzGY3CPuEKf/ZbYdfQJO16YOCvVR6BTaQV23hufg48qXyhjep5Xv2Sm9:y03Mu1xMN3O+8OQV23syqitej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0186a4470c8f0137fa89903fbe4203_JaffaCakes118

Files

0f0186a4470c8f0137fa89903fbe4203_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0315644cced4ab3dc59f0991dd7a229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA
GetOpenFileNameA
FindTextA

kernel32

GetProcAddress
LocalAlloc
LoadLibraryExA
VirtualAlloc
ExitProcess
GetModuleHandleA

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHFileOperationA
Shell_NotifyIconA
SHGetFolderPathA

user32

GetWindowLongW
CallWindowProcA
IsRectEmpty
GetActiveWindow
IsChild
DispatchMessageA
GetFocus
SendMessageA
IsWindowEnabled
CharLowerBuffA
OpenClipboard
ReleaseCapture
IsWindowVisible
MapWindowPoints
ScrollWindow

version

VerQueryValueA
GetFileVersionInfoA

gdi32

GetBitmapBits
CopyEnhMetaFileA
SaveDC
CreateDIBitmap
GetDIBits
CreateBrushIndirect
SelectObject

comctl32

ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Read
ImageList_Draw
ImageList_Create
ImageList_Write
ImageList_Destroy
ImageList_GetBkColor

Sections

CODE
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0315644cced4ab3dc59f0991dd7a229

Headers

File Characteristics

Imports

comdlg32

kernel32

shell32

user32

version

gdi32

comctl32

Sections

CODE Size: 41KB - Virtual size: 40KB

.rdata Size: 134KB - Virtual size: 133KB

.data Size: 5KB - Virtual size: 49KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 13KB - Virtual size: 12KB

CODE
Size: 41KB - Virtual size: 40KB

.rdata
Size: 134KB - Virtual size: 133KB

.data
Size: 5KB - Virtual size: 49KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 13KB - Virtual size: 12KB