54ae77199b1bc3f5d3d03ddd47ef8faa_JaffaCakes118

General

Target

54ae77199b1bc3f5d3d03ddd47ef8faa_JaffaCakes118
Size

260KB
MD5

54ae77199b1bc3f5d3d03ddd47ef8faa
SHA1

d101429ec994d2b0ad6f32e52ba27e5afe1af426
SHA256

1231fe73cf1bbfb06fff99c7de34c012d64bf0fb651062136ac1de9ae3bd17b5
SHA512

f30f5ee8d62b1d6ba03b6aa4b190a2c98e870e2ddab81fa63d8a5fd951219a49cc30d0452eca8ff5ac4201454c7b6a91e21b0628f0512b34faaf56fc5f6c9583
SSDEEP

6144:APeuFoQrcSZZX7N68OScvK81zwpoEq10oLoAdFLHCqPo:8RVX084zwpvq5dFDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54ae77199b1bc3f5d3d03ddd47ef8faa_JaffaCakes118

Files

54ae77199b1bc3f5d3d03ddd47ef8faa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a42d07f6d9754e59952e32e28834fdbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Read
ImageList_GetBkColor
ImageList_Write
ImageList_Create
ImageList_Add
ImageList_Draw
ImageList_Remove
ImageList_DragShowNolock
ImageList_Destroy

shell32

SHGetDesktopFolder

version

GetFileVersionInfoSizeA
VerInstallFileA

kernel32

WaitForSingleObject
DeleteFileA
MoveFileA
GetModuleHandleA
CompareStringA
ExitThread
ExitProcess
GetThreadLocale
VirtualAlloc
lstrlenA
LoadLibraryA
GetProcAddress
GetUserDefaultLCID
GetDateFormatA
FreeLibrary
DeleteCriticalSection
LoadResource
GetModuleFileNameA
CloseHandle
GetFileAttributesA
GlobalAlloc

comdlg32

GetOpenFileNameA
ChooseColorA

gdi32

BitBlt
SetTextColor
CreateFontIndirectA
GetPixel
CreateBrushIndirect
CopyEnhMetaFileA
GetPaletteEntries
RestoreDC
SaveDC
GetRgnBox

user32

GetFocus
GetCursor
IsChild
GetActiveWindow

Sections

CODE
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 657B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 950B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a42d07f6d9754e59952e32e28834fdbf

Headers

File Characteristics

Imports

comctl32

shell32

version

kernel32

comdlg32

gdi32

user32

Sections

CODE Size: 28KB - Virtual size: 27KB

.data Size: 1024B - Virtual size: 657B

BSS Size: 227KB - Virtual size: 227KB

.edata Size: 1024B - Virtual size: 950B

.idata Size: 2KB - Virtual size: 1KB

CODE
Size: 28KB - Virtual size: 27KB

.data
Size: 1024B - Virtual size: 657B

BSS
Size: 227KB - Virtual size: 227KB

.edata
Size: 1024B - Virtual size: 950B

.idata
Size: 2KB - Virtual size: 1KB