0729c56593126840669d7cf28535d104_JaffaCakes118

General

Target

0729c56593126840669d7cf28535d104_JaffaCakes118
Size

288KB
MD5

0729c56593126840669d7cf28535d104
SHA1

b9c35578d2a1357806d956b0b04fc7614063e7fa
SHA256

5f80944322c29e11d9fc1bf9414e486c3fea6221a54fa4841298412410aed6a7
SHA512

42946ec6d83236a061ee56a076c96b912acd263212c6f0e26f22f9d293c22eedbd832251851ea30b01158d7db248f8f96769673a24ddad092f5ac374248cd8aa
SSDEEP

6144:XLfXv6EmhRszZLXuDoIisuaVezRcX+QGstYnySenrA7S:XLyLEZLXdIi0I7M6emS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0729c56593126840669d7cf28535d104_JaffaCakes118

Files

0729c56593126840669d7cf28535d104_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d292fb39ce17fb6b5f21d99a19595bbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

GetAcceptLanguagesW
PathAppendW
PathFindExtensionW
UrlCreateFromPathW
PathIsRelativeW
PathCreateFromUrlW
UrlUnescapeW
PathRemoveFileSpecW
StrCmpIW
PathCombineW

rpcrt4

UuidCreate

kernel32

GetWindowsDirectoryA
HeapFree
LoadLibraryW
CreateMutexW
GlobalFindAtomW
GetProcessHeap
GetSystemDirectoryW
ReleaseMutex
GetModuleHandleW
GetModuleHandleA
LocalFree
FindNextFileW
CopyFileW
WaitForSingleObject
lstrlenA
GetPrivateProfileStringW
EnumResourceLanguagesA
LoadLibraryExA
FreeLibrary
FindClose
GetProcAddress
GetCurrentProcessId
GetConsoleCursorMode
WritePrivateProfileStringW
ExpandEnvironmentStringsW
lstrcmpiW
GetPrivateProfileIntW
GetSystemInfo
HeapAlloc
SetFileAttributesW
LoadLibraryExW
FindFirstFileW
GetCurrentDirectoryW
GetCurrentProcess

Sections

.text
Size: 153KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d292fb39ce17fb6b5f21d99a19595bbf

Headers

File Characteristics

Imports

shell32

shlwapi

rpcrt4

kernel32

Sections

.text Size: 153KB - Virtual size: 280KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 131KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 153KB - Virtual size: 280KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 131KB

.rsrc
Size: 1024B - Virtual size: 4KB