831602f0982f88174830b98f4dd19e8b_JaffaCakes118

General

Target

831602f0982f88174830b98f4dd19e8b_JaffaCakes118
Size

2.4MB
MD5

831602f0982f88174830b98f4dd19e8b
SHA1

8ecdad8599e1e777f6b7d9d5c1ebac6ca933dc12
SHA256

5d14eb3c43dbfd724424ba992c06f1bd148e512b10df0db449b115886b47600b
SHA512

fd472daaba56db140f066f527f9c1f1b2711fd362f86a5342b65fba8a0ca8ae90410a594f343be65691f70ffad2c25faf7a8520e889e7642711db015dba224f9
SSDEEP

24576:dzJv7Tw3/CNXMrXQV+yjr0ZqGOrEgM+wbMZU954pzo6l0EEJg:rvsyjnIeUMc6Ea

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
831602f0982f88174830b98f4dd19e8b_JaffaCakes118

Files

831602f0982f88174830b98f4dd19e8b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e4c5c17da3bdf57eebf57e9a28f5b1d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

uxtheme

DrawThemeParentBackground
GetCurrentThemeName
IsThemeActive
SetWindowTheme
GetThemePartSize
DrawThemeText

shell32

SHPathPrepareForWriteW
SHGetDesktopFolder
SHFileOperationW
CommandLineToArgvW
DragQueryFileW

kernel32

InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
HeapReAlloc
HeapAlloc
HeapSize
WideCharToMultiByte
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GlobalFree
VirtualAlloc
HeapDestroy
HeapFree
GetLastError
SetHandleCount
CloseHandle
MulDiv
lstrcmpW
lstrlenW
CreateEventW
FindResourceExW
FindFirstFileW
GetVersionExW
GetThreadLocale
Sleep
GetCurrentProcess
GetCommandLineW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess

mpr

WNetGetLastErrorW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 93.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4c5c17da3bdf57eebf57e9a28f5b1d8

Headers

File Characteristics

Imports

uxtheme

shell32

kernel32

mpr

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.data Size: 3KB - Virtual size: 93.6MB

.rsrc Size: 12KB - Virtual size: 13KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 3KB - Virtual size: 93.6MB

.rsrc
Size: 12KB - Virtual size: 13KB