046f8302026ae20d82abe90aa82409cb_JaffaCakes118

General

Target

046f8302026ae20d82abe90aa82409cb_JaffaCakes118
Size

112KB
MD5

046f8302026ae20d82abe90aa82409cb
SHA1

578e5760a538519c6be27fc26b95da4bf6c48c67
SHA256

c0fc63416b7da5d7d0af23a645c688d95ffd04cad85d092f9fd35d67269ff808
SHA512

298a35872a877c3ec241cab89e11c81c672a3caac390f6700a25fe794a3ab6afb0d8ad6e796a99dcdb0d976c584fa2d50057a83ef3411bc4d15dfd6c94819577
SSDEEP

1536:ovQJwmTIav7/AbdMIBhl1SXChb8FmbWWvosWUIjr+al/DBU8E:ovQJwmv7/AbdMIZ1fhO/WtWUyrZFQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
046f8302026ae20d82abe90aa82409cb_JaffaCakes118

Files

046f8302026ae20d82abe90aa82409cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c1e2ed841f760d0fa4594fdc3ab920a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumResourceLanguagesA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCalendarInfoW
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
GetVolumeNameForVolumeMountPointA
HeapAlloc
HeapCreate
IsBadStringPtrW
SetCalendarInfoA
SetEndOfFile
SetThreadExecutionState
TerminateJobObject
TryEnterCriticalSection
WaitForSingleObject
lstrcatA

user32

LoadStringA
GetWindowRect
GetScrollInfo
DestroyWindow
SetScrollInfo

comctl32

ImageList_GetImageRect
FlatSB_GetScrollProp
ImageList_DragLeave
ImageList_Read
FlatSB_GetScrollInfo

msi

MsiGetFileSignatureInformationW
MsiEvaluateConditionA
MsiDatabaseCommit
Migrate10CachedPackagesA
MsiConfigureProductExA
MsiConfigureProductA
MsiUseFeatureW

oleaut32

VarBstrCmp
SysStringLen
SysReAllocString
SafeArrayDestroy
SafeArrayAllocData
SafeArrayAccessData
RevokeActiveObject
RegisterTypeLi
OleTranslateColor
OleLoadPicturePath
ClearCustData

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c1e2ed841f760d0fa4594fdc3ab920a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

msi

oleaut32

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB