1528fd912602139594bf4001eec0d35e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1528fd912602139594bf4001eec0d35e_JaffaCakes118
Size

167KB
MD5

1528fd912602139594bf4001eec0d35e
SHA1

9bd43654d33af4702e0c26089a1d3a43e5db2a4e
SHA256

db78c24b975ca00c03d888a067d7110de31c53eb59b9f15bc6089e766608396e
SHA512

243ecf7e684c5488c14ec5a3c5f9ad1b71e3fc0da82684eaf372a3b08a3433f711d058e2b7c596f664805f5e1fba2eb520cca5305a67235e3912974695c01b31
SSDEEP

3072:sS2Sw4x5YaQGVqPzk9HY8hIDr2Bw6IjrXmQVDSvLtc9pTBwSeTMMwR9KWXDVd1:Iz4xdn94xqK6IjjmQ4vcpdgMMC9h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1528fd912602139594bf4001eec0d35e_JaffaCakes118

Files

1528fd912602139594bf4001eec0d35e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c741902dea9c98c3cb56052a953d2490

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
WaitCommEvent
GetModuleFileNameA
GetSystemTimeAsFileTime
GlobalLock
WaitCommEvent
GetCurrentProcessId
GetVersionExA
GlobalAlloc
LoadLibraryW
ReadFile
GetFullPathNameW
DisableThreadLibraryCalls
EnumResourceNamesW
CreateFileW
CloseHandle
ExitProcess
LocalFree
GetCurrentThreadId
LocalAlloc
ExitProcess
GlobalUnlock

user32

ClipCursor
IsWindow
SetCursor
SetParent
FindWindowA
EnableWindow
InvalidateRect
GetFocus
RedrawWindow
SetWindowPos
TrackPopupMenuEx
LoadCursorW
DestroyMenu
CreatePopupMenu
GetDesktopWindow
PtInRect

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

gdi32

SetStretchBltMode
CreatePen
GetObjectType
BitBlt
CreateDCW
SelectObject
StretchBlt
LineTo
DeleteDC
CreateCompatibleDC
CreateDIBSection
CreateBitmap

winmm

timeGetTime

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipDisposeImage

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance

advapi32

RegCreateKeyW
RegSetValueExW
RegDeleteKeyW
RegSetValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c741902dea9c98c3cb56052a953d2490

Headers

File Characteristics

Imports

kernel32

user32

comctl32

gdi32

winmm

msimg32

gdiplus

ole32

advapi32

Sections

.text Size: 127KB - Virtual size: 127KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 35KB - Virtual size: 35KB

.rsr Size: 512B - Virtual size: 68KB

.text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 35KB - Virtual size: 35KB

.rsr
Size: 512B - Virtual size: 68KB