4198e92c09f1047cbff4b6db208c3832_JaffaCakes118

General

Target

4198e92c09f1047cbff4b6db208c3832_JaffaCakes118
Size

1.4MB
MD5

4198e92c09f1047cbff4b6db208c3832
SHA1

389413b839a7b2d85311a9b56de6de1678156bcb
SHA256

638fb832bd9a8fd6f80631fca490e29eac7a9a4b27837076593bc6ffaafc9748
SHA512

e03708a79f4acdc92811217c57b629ee39e55e72e827ab04ab095f3bca3355a6025dceb075622972a7f9a2ee779f07fcc1ded5cb9a90971fa21b2f7cd173ee4f
SSDEEP

24576:z7TWqNZ74tCou78V1r2tZy+SgPxXF/+9OxhEiZyW2Z3NPRUFQ8fKMg:/TWSZ8CouK1rckgP5F/FfZy5Z9luKM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4198e92c09f1047cbff4b6db208c3832_JaffaCakes118

Files

4198e92c09f1047cbff4b6db208c3832_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd583c94600201922c65d93ff3d34266

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetConsoleTitleW
LoadLibraryExW
GetModuleHandleA
CloseHandle
GetTimeFormatW
WaitForSingleObject
HeapSize
ReadConsoleA
GetProcessId
IsBadStringPtrA
HeapAlloc
VirtualProtect
GetDiskFreeSpaceA
lstrcpynA

uxtheme

GetThemeTextMetrics
DrawThemeBackground
GetThemeColor
IsThemeActive
SetWindowTheme
CloseThemeData
GetThemeBool
GetThemeTextExtent
GetThemeSysSize
GetWindowTheme
OpenThemeData
GetThemeRect
GetThemeInt
DrawThemeEdge

crypt32

CertNameToStrA
CertFindChainInStore
CertFindExtension
CertFreeCRLContext
CryptEnumOIDInfo
CertCreateContext
CertFindAttribute
CertCloseStore
CertGetNameStringA
CertDeleteCRLFromStore

onex

OneXCopyAuthParams
OneXFreeMemory
OneXInitialize
OneXDeInitialize
OneXAddTLV

shlwapi

PathCompactPathA
UrlUnescapeA
UrlEscapeA
UrlGetPartW
UrlHashA
PathIsRootA
UrlCanonicalizeA
UrlCombineA
UrlIsNoHistoryA
PathCommonPrefixA
UrlIsA

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd583c94600201922c65d93ff3d34266

Headers

File Characteristics

Imports

kernel32

uxtheme

crypt32

onex

shlwapi

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 24KB - Virtual size: 20KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.Reloc Size: 12KB - Virtual size: 12KB

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 24KB - Virtual size: 20KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.Reloc
Size: 12KB - Virtual size: 12KB