7bad6791a560ce9c1a9a07bfda62e832_JaffaCakes118

General

Target

7bad6791a560ce9c1a9a07bfda62e832_JaffaCakes118
Size

2.9MB
MD5

7bad6791a560ce9c1a9a07bfda62e832
SHA1

7a7038c8238cba705212f17c2d609dc5e83e5d63
SHA256

726d82aa22a471757ddfe478285688a77355d4a74440a5c9419728f67b742e76
SHA512

a8328c8fd3cbe118c535cff86ca02fdfc50d71d48077293a5eea2d7cdad7bf65c9944db8ac0efad1f1f842ae6692da603215dc4d1036fa9e64d68114a2268b48
SSDEEP

24576:ljJ4050CB/7oSoAUsWe4M/MzDbJvi0mz8EZObty6YmNFE1NbTh:l17qAkR2z2yhTh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bad6791a560ce9c1a9a07bfda62e832_JaffaCakes118

Files

7bad6791a560ce9c1a9a07bfda62e832_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7b74b473c50b693ac9779bedab6efdb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetErrorInfo
SafeArrayGetLBound
SafeArrayAccessData
VariantCopyInd
VariantChangeTypeEx
VarR8FromStr
VarBstrFromCy
VarNot
SafeArrayCreate
RegisterTypeLi

shell32

ShellAboutW
ExtractIconExW
SHFileOperationW
SHGetMalloc
SHGetSpecialFolderLocation
SHPathPrepareForWriteW
DragAcceptFiles

kernel32

GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringA
MultiByteToWideChar
LoadLibraryA
RtlUnwind
GetProcAddress
GlobalAlloc
VirtualAlloc
HeapReAlloc
ExitProcess
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileType
FindClose
GetSystemTime
GetSystemInfo
GetModuleHandleW
GetTempPathW
FindFirstFileW
GetVersionExW
GetCPInfo
LCMapStringW
GetLocaleInfoW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
GetACP
GetOEMCP
HeapAlloc

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 64.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.273s
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b74b473c50b693ac9779bedab6efdb9

Headers

File Characteristics

Imports

oleaut32

shell32

kernel32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 12KB - Virtual size: 64.2MB

.idata Size: 2KB - Virtual size: 1KB

.273s Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 365KB - Virtual size: 365KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 12KB - Virtual size: 64.2MB

.idata
Size: 2KB - Virtual size: 1KB

.273s
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 365KB - Virtual size: 365KB