079d58173ad66be846dbb4544794566b_JaffaCakes118

General

Target

079d58173ad66be846dbb4544794566b_JaffaCakes118
Size

153KB
MD5

079d58173ad66be846dbb4544794566b
SHA1

2fece92f74c7f0d918872811977a5ee6e0087d2b
SHA256

18423cd1dcb18719c615d78215c700a81348c6ca4da4b5c4c3b975cbfe48236f
SHA512

498507314395e0cae319d3ddcada9625810e6488f5a1b7d0caf5c59422f02cf72af1cdf127f4cbfa36dd31e075654cecb918c9627e1637a9a8e98c70d392bc66
SSDEEP

3072:GDB1wEy6euTIEp5MtdIlwISIe3Aj2V1ijalBCufC5gSjH6PGiUg0+Xb1a6hff/xY:0B1FTPMtSlwIA3G2GjalffChqUK1aeL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
079d58173ad66be846dbb4544794566b_JaffaCakes118

Files

079d58173ad66be846dbb4544794566b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

268989cd55a048af192fe708aa240bf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteExW
SHAppBarMessage
Shell_NotifyIconW
FindExecutableW
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

kernel32

GetCommandLineA
LCMapStringW
LoadLibraryExW
GetStringTypeA
VirtualUnlock
VirtualLock
GetSystemInfo
ReleaseMutex
CreateMutexW
ResetEvent
SetEvent
CreateEventW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapDestroy
GetVersionExA
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentThreadId
GetLastError

oleaut32

SafeArrayDestroyDescriptor
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 105KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

268989cd55a048af192fe708aa240bf1

Headers

File Characteristics

Imports

shell32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 105KB - Virtual size: 112KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 45KB - Virtual size: 44KB

.reloc Size: 512B - Virtual size: 340B

.text
Size: 105KB - Virtual size: 112KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 45KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 340B