12599aa7da45aaf958dbaece919621ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12599aa7da45aaf958dbaece919621ab_JaffaCakes118
Size

240KB
MD5

12599aa7da45aaf958dbaece919621ab
SHA1

fc40bd79ad82de7e3a6f130cb099add550b340d2
SHA256

cf4e31ac7c135d3bc6373d3e2d8aa974449b432028fcce4205942cdd3ae7a249
SHA512

5902324d09f963191d9993247c20bad5c41dae70f3288c1bfea897795035677c0c4279a8aeaa9498d22026ee61e432c1866b2c16332641d16899c1d0d2c55650
SSDEEP

6144:zE4mCwXk79WO/eb+ZHQ5xr90f0VA4zVBh7S:zENk79WO/3xQ5xr9I4zjh7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12599aa7da45aaf958dbaece919621ab_JaffaCakes118

Files

12599aa7da45aaf958dbaece919621ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c52463ffeb37221f2d0ad1790f63b53e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FrameRect
EnableWindow
SetMenu
SetFocus
CheckMenuItem
CharToOemA
CharNextW
IsWindowEnabled
EqualRect
SendMessageW
PeekMessageW
AdjustWindowRectEx

shlwapi

SHSetValueA
PathFileExistsA
PathIsDirectoryA
SHEnumValueA
PathGetCharTypeA
SHDeleteKeyA
SHDeleteValueA
PathIsContentTypeA
SHGetValueA

ole32

CLSIDFromProgID
StgOpenStorage
CoGetObjectContext
CoCreateInstanceEx
CoGetMalloc
CoFreeUnusedLibraries
CoUnmarshalInterface
CoCreateFreeThreadedMarshaler
CoRegisterClassObject

comdlg32

GetSaveFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
FindTextA

version

VerQueryValueA
GetFileVersionInfoSizeA

kernel32

VirtualAlloc
LoadLibraryExA
GlobalAlloc
ExitThread
GetProcAddress
GetCPInfo
GetModuleHandleA
LoadLibraryA
GetOEMCP

advapi32

RegEnumValueA
RegDeleteKeyA

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.`data
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c52463ffeb37221f2d0ad1790f63b53e

Headers

File Characteristics

Imports

user32

shlwapi

ole32

comdlg32

version

kernel32

advapi32

Sections

.text Size: 46KB - Virtual size: 46KB

.data Size: 170KB - Virtual size: 285KB

.idata Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.`data Size: 512B - Virtual size: 408B

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 584B

.text
Size: 46KB - Virtual size: 46KB

.data
Size: 170KB - Virtual size: 285KB

.idata
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.`data
Size: 512B - Virtual size: 408B

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 584B