42a38592b0e680f0f81f5b5512349f2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42a38592b0e680f0f81f5b5512349f2d_JaffaCakes118
Size

200KB
MD5

42a38592b0e680f0f81f5b5512349f2d
SHA1

5dad7891aa4d8a2a89c4c98bf75599bf1412441c
SHA256

e13c77440bf8faf0b5e2e8614c789b0c94ffaabfa5f8c098d08d6b3578c894cc
SHA512

d071bf0b4e3f107f6503869803e902de9982c74941ed42ce742653aca69403466cf967dbd2f64f764cc1ec5a6fb5f779a911c3c7bd97f995bf15c234736a8c0d
SSDEEP

6144:mGJAZJnsDyzAG/Johy8kgaUs1QmFc8IgW9b182pJoN:xJAEyzboh7kLUsqmFcbgcBxoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a38592b0e680f0f81f5b5512349f2d_JaffaCakes118

Files

42a38592b0e680f0f81f5b5512349f2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1413ad025517b945b45b46fbd7c8aad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
FindTextA

ole32

CoCreateInstanceEx
OleCreateStaticFromData
PropVariantClear
ReleaseStgMedium
CreateOleAdviseHolder
CreateBindCtx
CoRegisterClassObject
GetHGlobalFromStream
OleRun
CoCreateFreeThreadedMarshaler

kernel32

CreateFileA
ExitThread
LoadLibraryExA
DeleteCriticalSection
CloseHandle
EnterCriticalSection
LoadLibraryA
VirtualAllocEx
CompareStringA
GetCommandLineA
DeleteFileA
GetProcAddress
ExitProcess
GlobalAlloc
GetModuleHandleA
GetVersionExA
CreateThread
CreateEventA
Sleep
GetModuleHandleW
IsBadReadPtr
GetACP
lstrlenW

shlwapi

SHQueryInfoKeyA
SHGetValueA

gdi32

GetCurrentPositionEx
SaveDC
GetDIBits
CopyEnhMetaFileA
SelectPalette
CreateFontIndirectA
CreatePenIndirect

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 933B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1413ad025517b945b45b46fbd7c8aad

Headers

File Characteristics

Imports

comdlg32

ole32

kernel32

shlwapi

gdi32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 4KB - Virtual size: 933B

.data Size: 4KB - Virtual size: 113KB

DATA Size: 4KB - Virtual size: 967B

.gdata Size: 8KB - Virtual size: 7KB

.fdata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 836B

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 4KB - Virtual size: 933B

.data
Size: 4KB - Virtual size: 113KB

DATA
Size: 4KB - Virtual size: 967B

.gdata
Size: 8KB - Virtual size: 7KB

.fdata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 836B