d3581897d6620d612f3ad58a7f1130aa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d3581897d6620d612f3ad58a7f1130aa_JaffaCakes118
Size

292KB
MD5

d3581897d6620d612f3ad58a7f1130aa
SHA1

9f362bc380b3521531835e0b2e0f9223724055a7
SHA256

d61cb80d7ca4d5e9716341bc774bcdb0b8aaf6455fb983da9b6f7cff6b37b4c7
SHA512

991887e1bcae9085fd6fa6b04eeeaa76be8d26d5034762512bdb624ae25a9dba07ef7556e37cfd79cb071b9fc28b15b965c26c28bf7f40558d1197ea14d7af60
SSDEEP

3072:ouhyqfUE+kvHTz96K6ScKcNEUzZELeUoPxwAnjaPM76DBQ+E05:0qfR+2Tz96KncKukLvBl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3581897d6620d612f3ad58a7f1130aa_JaffaCakes118

Files

d3581897d6620d612f3ad58a7f1130aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79390cc511b9dafcaf429778d9678427

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetVersion
LoadLibraryA
VirtualAlloc
VirtualProtect
GetCurrentThread

ole32

CoGetContextToken
CoFreeUnusedLibraries
CoFileTimeNow
CoGetCurrentProcess
CoCreateGuid
OleInitialize
OleUninitialize
CoGetCurrentLogicalThreadId
CoGetMalloc

user32

SetWindowPos
ShowWindow
ShowCursor
DefWindowProcA

msimg32

AlphaBlend
DllInitialize
GradientFill

shlwapi

PathFileExistsA

oledlg

OleUIConvertW
OleUIInsertObjectW
OleUIUpdateLinksW

gdiplus

GdipSetImagePalette

winspool.drv

EnumPrintersW
ConfigurePortW

version

VerFindFileA

gdi32

STROBJ_bGetAdvanceWidths

oleacc

CreateStdAccessibleProxyW

Exports

Exports

GetClass

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79390cc511b9dafcaf429778d9678427

Headers

File Characteristics

Imports

kernel32

ole32

user32

msimg32

shlwapi

oledlg

gdiplus

winspool.drv

version

gdi32

oleacc

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 157KB

.edata Size: 512B - Virtual size: 112B

.data Size: 512B - Virtual size: 4KB

.data Size: 3KB - Virtual size: 2KB

.rdatat Size: 1KB - Virtual size: 1KB

.rsrc Size: 67KB - Virtual size: 67KB

Size: 20KB - Virtual size: 20KB

Size: 20KB - Virtual size: 20KB

Size: 20KB - Virtual size: 20KB

.text
Size: 158KB - Virtual size: 157KB

.edata
Size: 512B - Virtual size: 112B

.data
Size: 512B - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 2KB

.rdatat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 67KB - Virtual size: 67KB