3ddf1cb7f83c7a5fcd52d8f14ff990f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ddf1cb7f83c7a5fcd52d8f14ff990f6_JaffaCakes118
Size

160KB
MD5

3ddf1cb7f83c7a5fcd52d8f14ff990f6
SHA1

b86c9610e21f05b1b0c101c4765abc8133ad540e
SHA256

92507af66e152b2f6cbe86194fac9f34bc593c361779cc682e3a46d5d979ed4a
SHA512

22541b0258597aa54e367796cc32d84c3a54ea27b204471d13ab2c7303b457d0c408ba016703cbf40901c978259fc945aee3017b0c08405b6b3e46ee12256b60
SSDEEP

3072:uq7gmyWed1IVVzMJ3z+pFjPvmKlYV6OzY1xs/E3kNrmKeW3l:H7gY01iJtPvVvgYEvR7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ddf1cb7f83c7a5fcd52d8f14ff990f6_JaffaCakes118

Files

3ddf1cb7f83c7a5fcd52d8f14ff990f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

311ad676bbf3a1f0fa69b3b5629ea06b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Remove
ImageList_Write
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Draw
ImageList_Destroy
ImageList_Read
ImageList_Add

user32

SetWindowsHookExA
IsWindowVisible
ChildWindowFromPoint
GetActiveWindow
UpdateWindow

version

GetFileVersionInfoSizeA
VerFindFileA

advapi32

RegLoadKeyA

shell32

SHGetDiskFreeSpaceA
DragQueryFileA

shlwapi

SHStrDupA
SHEnumValueA

ole32

OleRegGetUserType
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoGetObjectContext
WriteClassStm
CoCreateGuid
StringFromIID

gdi32

GetDIBColorTable
GetObjectA
GetPaletteEntries
GetDCOrgEx
GetClipBox
CreateCompatibleBitmap
GetDIBits
SetPixel
SelectObject

oleaut32

SafeArrayGetElement
SafeArrayGetUBound
SafeArrayCreate
OleLoadPicture

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
FindTextA

kernel32

GetProcAddress
GetModuleHandleA
ExitThread
VirtualAlloc
GetVersionExA
VirtualAllocEx
GetLastError
ExitProcess

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 555B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 126KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 731B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

311ad676bbf3a1f0fa69b3b5629ea06b

Headers

File Characteristics

Imports

comctl32

user32

version

advapi32

shell32

shlwapi

ole32

gdi32

oleaut32

comdlg32

kernel32

Sections

.text Size: 30KB - Virtual size: 29KB

.idata Size: 1024B - Virtual size: 555B

.edata Size: 126KB - Virtual size: 193KB

.data Size: 512B - Virtual size: 73B

DATA Size: 1024B - Virtual size: 731B

.text
Size: 30KB - Virtual size: 29KB

.idata
Size: 1024B - Virtual size: 555B

.edata
Size: 126KB - Virtual size: 193KB

.data
Size: 512B - Virtual size: 73B

DATA
Size: 1024B - Virtual size: 731B