410e0dc96eab2d6879efa42f1fac4a98_JaffaCakes118

General

Target

410e0dc96eab2d6879efa42f1fac4a98_JaffaCakes118
Size

174KB
MD5

410e0dc96eab2d6879efa42f1fac4a98
SHA1

f00e941e64b0f08a2ab0b79c30a82bd325aff039
SHA256

d263089ac747ac76d19b2b7ffca7f09b96a42f52087aca83652533a630bd73b7
SHA512

5ac16a85260cdf1dfc2272876b50c877a820a4361a778940740b1e70d202324571c09f7741bd538542a7095ab7d849c82d46c645f958cff25872fa3c3acc7a3a
SSDEEP

3072:Zkz7TMMxCoQ47w0bz6/5E7pI9Wuluql0NKSMq17/um7Qqrj03YwpUXR:KzMMx0Z0UMpI9YqisSMI72Yj036R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
410e0dc96eab2d6879efa42f1fac4a98_JaffaCakes118

Files

410e0dc96eab2d6879efa42f1fac4a98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1df40b08bfc9f04de4d60a8798926bf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImageWidth
GdipDisposeImage

kernel32

FileTimeToDosDateTime
ExitProcess
TransmitCommChar
LocalFree
EnumResourceNamesW
ExitProcess
LoadLibraryW
GetVersionExA
LocalAlloc
GetModuleFileNameA

user32

FindWindowA
CreatePopupMenu
ClipCursor
TrackPopupMenuEx
RedrawWindow
DestroyMenu
GetDesktopWindow

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance

winmm

timeGetTime

advapi32

RegSetValueW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegEnumKeyExW

gdi32

CreatePen
CreateDCW
SetStretchBltMode
GetObjectType
BitBlt
CreateDIBSection
DeleteDC
SelectObject
CreateCompatibleDC
LineTo
StretchBlt
CreateBitmap

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1df40b08bfc9f04de4d60a8798926bf4

Headers

File Characteristics

Imports

msimg32

gdiplus

kernel32

user32

comctl32

ole32

winmm

advapi32

gdi32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 49KB - Virtual size: 48KB

.rsr Size: 512B - Virtual size: 336KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 49KB - Virtual size: 48KB

.rsr
Size: 512B - Virtual size: 336KB