3cc971e02c274db64d7a7f1eb3e8a6b5_JaffaCakes118

General

Target

3cc971e02c274db64d7a7f1eb3e8a6b5_JaffaCakes118
Size

234KB
MD5

3cc971e02c274db64d7a7f1eb3e8a6b5
SHA1

63bfdce2dff897f3032592400ac066e848f8a552
SHA256

f4f3877ab4d76b9a3d2e86157dfbed68dc2f658da614c6c81cbd98bf1fc32e66
SHA512

fd1d9c881971ccf32b74810050f8bf082a35043265d0020578c1023b8a0e3419683edfc6675c149609daa67c60a9cd90dbddda2b08948c5f6c6d478204739c8a
SSDEEP

3072:0DBef2NGEfHsirKV5GpnXlpQCeaMlgM8aoWm776dQzflxY9tTInmp1o7ZZAbScq:0BeMF0irzXl2ChMKQAo6IbG7TA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc971e02c274db64d7a7f1eb3e8a6b5_JaffaCakes118

Files

3cc971e02c274db64d7a7f1eb3e8a6b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

056e31882774ce6c4367096d6692554a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA

user32

SetMenu
SetWindowPos
GetWindowPlacement
GetKeyboardLayoutNameA
CloseClipboard
DefWindowProcA
SetFocus
SetWindowLongW
GetWindowRect
GetParent
GetMenu
GetClassLongA
GetKeyboardLayoutList
DrawIconEx
SetCursor
CheckMenuItem
IsChild
SetWindowsHookExA
SetActiveWindow
CharNextA
DrawTextA
RegisterClassA

gdi32

CreateCompatibleDC
CreateBrushIndirect

kernel32

GetCommandLineW
GetFullPathNameA
ExitProcess
InitializeCriticalSection
GetModuleHandleA
VirtualAlloc
GetProcAddress
GetCommandLineA
lstrlenA
VirtualQuery
GetCurrentThreadId
LoadLibraryExA
GetOEMCP
GetProcessHeap
lstrcmpiA
ExitThread
lstrcpyA

comctl32

ImageList_Draw
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Read
ImageList_Create

ole32

CoRevokeClassObject
ReleaseStgMedium
StgCreateDocfileOnILockBytes
WriteClassStm

Sections

CODE
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

056e31882774ce6c4367096d6692554a

Headers

File Characteristics

Imports

version

user32

gdi32

kernel32

comctl32

ole32

Sections

CODE Size: 78KB - Virtual size: 77KB

.rdata Size: 1024B - Virtual size: 20KB

.data Size: 10KB - Virtual size: 10KB

.cdata Size: 133KB - Virtual size: 132KB

.rsrc Size: 10KB - Virtual size: 9KB

CODE
Size: 78KB - Virtual size: 77KB

.rdata
Size: 1024B - Virtual size: 20KB

.data
Size: 10KB - Virtual size: 10KB

.cdata
Size: 133KB - Virtual size: 132KB

.rsrc
Size: 10KB - Virtual size: 9KB