38f5a6d952b8d2a8c999ef286203cb92_JaffaCakes118

General

Target

38f5a6d952b8d2a8c999ef286203cb92_JaffaCakes118
Size

88KB
MD5

38f5a6d952b8d2a8c999ef286203cb92
SHA1

2185abfedb94418be8e5cb17de020007769abd21
SHA256

b60bce94ca0fa584cc98b0ea83b6620a17c711b6953319c91463837f858d255a
SHA512

b1674be8c9e8bfaba69019da25bc4142bc0c7520ba9d3bd0fe081504b40b7d99223df56cbf2f9161aaef3733f67a49f4d27623e687f1538c2ffe080703e74dea
SSDEEP

1536:Hlkv94LvKghbMWi74Bi5o+f6O2tzC9Y9fYmD/pb5hR287vLJL:Fci75hbFi7jo+2tu9ifJ55hRVp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38f5a6d952b8d2a8c999ef286203cb92_JaffaCakes118

Files

38f5a6d952b8d2a8c999ef286203cb92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd88ab8517fa152b73cedc86dea98cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
ChooseColorW
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
GetSaveFileNameW
PrintDlgA
PrintDlgExA
ReplaceTextW
dwLBSubclass

user32

BeginPaint
LoadImageA
InflateRect
GetUserObjectSecurity
GetUpdateRgn
GetSysColor
GetCursorPos
DispatchMessageA
RegisterWindowMessageA
SetClassLongA
SetPropA
SetWindowPlacement
SetWindowPos

kernel32

GetACP
DnsHostnameToComputerNameW
ConvertThreadToFiber
CloseHandle
AllocConsole
VerLanguageNameA
Thread32First
SetSystemTimeAdjustment
SetComputerNameExA
OpenProcess
MapUserPhysicalPagesScatter
LoadLibraryExA
LCMapStringA
IsBadStringPtrA
HeapCreate
HeapAlloc
GetVolumePathNameA
GetVersionExA
GetUserDefaultLangID
GetTimeZoneInformation
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetCPInfoExA
EnumSystemLanguageGroupsW
FindVolumeClose
FindFirstVolumeA
ExitProcess
EnumResourceTypesA

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoFileTimeNow
CLSIDFromString
CoBuildVersion
CoCreateInstance
CoGetMalloc

dbghelp

UnmapDebugInformation
SymFromAddr
MiniDumpWriteDump

comctl32

FlatSB_GetScrollProp
FlatSB_SetScrollRange
ImageList_DragEnter
DrawStatusTextW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd88ab8517fa152b73cedc86dea98cf

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

ole32

dbghelp

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB