99e78d3edeeb74639d39cdd7d7f8251d_JaffaCakes118

General

Target

99e78d3edeeb74639d39cdd7d7f8251d_JaffaCakes118
Size

2.4MB
MD5

99e78d3edeeb74639d39cdd7d7f8251d
SHA1

e38537973b3f6fc3c3ce39abb5fec1649de95eb9
SHA256

439e16db5470615bdd92e79bc9b8c18d154300eb058c63cfdd7c1d6f7e6f117e
SHA512

19d157288c53162e79e8ec7bc40acde581c5c2184ba7758b8313a4fb157c744c51a52face9bd402dbd8e4de92efe177c6c78d35b9cfc6440a900e570639122c7
SSDEEP

24576:PsKki9a6dnX3VdaNEE3GMcOfNjgAayke/gBh6xw:jk6dnX3YnrEF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99e78d3edeeb74639d39cdd7d7f8251d_JaffaCakes118

Files

99e78d3edeeb74639d39cdd7d7f8251d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

74b1423139f1e0d091eb021ec435a7ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessImageFileNameW
GetMappedFileNameW

userenv

EnterCriticalPolicySection
RegisterGPNotification
LoadUserProfileW

mpr

WNetGetLastErrorW
WNetGetResourceInformationW

kernel32

GetConsoleWindow
GetUserDefaultLCID
GetThreadLocale
GetLocaleInfoW
CompareStringW
GetOEMCP
GetProcAddress
GetVersion
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
VirtualAlloc
HeapAlloc
HeapFree
HeapSize
ExitProcess
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetHandleCount
WriteFile
SetFilePointer
ClearCommError
GetLocalTime
SetMailslotInfo
CreateEventW
LoadLibraryExW
FindResourceExW
GetSystemDirectoryW
CreateFileW
CreateNamedPipeW
GetACP

shell32

DragFinish
ShellAboutW
ShellExecuteExW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHPathPrepareForWriteW

user32

OpenIcon
GetMenuItemCount
GetUpdateRect
SetWindowTextW
IsRectEmpty

comdlg32

PrintDlgExW
ChooseColorW

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 64.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.updi
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74b1423139f1e0d091eb021ec435a7ce

Headers

File Characteristics

Imports

psapi

userenv

mpr

kernel32

shell32

user32

comdlg32

Sections

.text Size: 65KB - Virtual size: 64KB

.data Size: 1024B - Virtual size: 64.1MB

.idata Size: 2KB - Virtual size: 1KB

.updi Size: 2.3MB - Virtual size: 2.3MB

.text
Size: 65KB - Virtual size: 64KB

.data
Size: 1024B - Virtual size: 64.1MB

.idata
Size: 2KB - Virtual size: 1KB

.updi
Size: 2.3MB - Virtual size: 2.3MB