JaffaCakes118_1949203e6d457420287be590d762e60b

General

Target

JaffaCakes118_1949203e6d457420287be590d762e60b
Size

193KB
MD5

1949203e6d457420287be590d762e60b
SHA1

0e55bfb2db400591f77b81715cd922aafce0c061
SHA256

1c97d2a1eceae2103ae91b9e7843f293d35197b447a7f785913bd63b967449b5
SHA512

3f340a6761d40c3b80f9e79a5ac873b44623f4d692c0c921bc8f46e47d4471a2820d44b9d5b3be72281c4a8fb3e14ce25dec6e56df3bab667911e4b5b26ce57a
SSDEEP

6144:o4EmD56e1xBvEkbLGcAzpMVR2dulRXWJO:MoB8ArR4oln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1949203e6d457420287be590d762e60b

Files

JaffaCakes118_1949203e6d457420287be590d762e60b
.exe windows:4 windows x86 arch:x86

1fa677e064086dddd20d751de608e3bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoMarshalHresult
CoInitializeEx
CoInitialize
CLSIDFromString
CreateItemMoniker
CoFreeUnusedLibraries
StringFromCLSID
StringFromGUID2
GetRunningObjectTable
CreateStreamOnHGlobal
CoRegisterClassObject
CoCreateInstance
CoRevokeClassObject
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc

kernel32

GetCurrentDirectoryW
GetFileAttributesA
DeleteFileA
lstrlenA
CloseHandle
QueryMemoryResourceNotification
GetModuleFileNameW
FindClose
DisableThreadLibraryCalls
FreeLibrary
InterlockedDecrement
LocalFree
GetModuleFileNameA
MultiByteToWideChar
FindNextFileW
CreateFileA
ReadFile
GetVersionExA
CopyFileA
lstrcmpA
EnumResourceTypesW
FindNextFileA
GetTempPathW
GetTempFileNameW
SetErrorMode
SetCurrentDirectoryW
SetFileAttributesA
InterlockedIncrement
LocalAlloc
GetPrivateProfileStringA
WideCharToMultiByte
WaitForSingleObject
GetExitCodeThread
CreateDirectoryA
GetLastError
GetFileAttributesW
GetFileSize
GetTempPathA
DeleteFileW
FindFirstFileW
SetFileAttributesW
GetTempFileNameA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fa677e064086dddd20d751de608e3bf

Headers

File Characteristics

Imports

gdiplus

ole32

kernel32

Sections

.text Size: 122KB - Virtual size: 122KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.reloc Size: 1024B - Virtual size: 248KB

.text
Size: 122KB - Virtual size: 122KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.reloc
Size: 1024B - Virtual size: 248KB