09e6f8e9a58cb85c0e5f45ec7b349101_JaffaCakes118

General

Target

09e6f8e9a58cb85c0e5f45ec7b349101_JaffaCakes118
Size

97KB
MD5

09e6f8e9a58cb85c0e5f45ec7b349101
SHA1

553a2dc4842de8bf9aed59859d46b87c77553a3f
SHA256

29fd8032b83c3fb2980f0c8150b78ff240cbfcbebc7794672fa6d0c1a5605a8e
SHA512

09f118e4eece82517982c1892ed27a60951b7efc62d4439b489589a1ff5c882bae16ec0a0d2d866427fd01a76184d4ada2faaf8ec6580758f0ab3309c7671acc
SSDEEP

1536:gqz7OiC/B1KWstJrOWiu034PdMYUTsWVyOwVNH307YyYNnPP+ieTEUyNoMtwerO:pOiCOLr2VIPqPIWV/I30JeHi/y4WO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e6f8e9a58cb85c0e5f45ec7b349101_JaffaCakes118

Files

09e6f8e9a58cb85c0e5f45ec7b349101_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34ac689a2128d1ffa4750d9579e16175

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
SHGetDiskFreeSpaceA
SHGetDesktopFolder

msvcrt

sprintf
rand
sqrt
cos
strcmp
atol
memmove
acos
exp

shlwapi

PathIsContentTypeA
PathGetCharTypeA
SHDeleteValueA
SHGetValueA
PathIsDirectoryA

kernel32

LoadLibraryA
VirtualAllocEx
RaiseException
GetFileAttributesA
GetProcAddress
GetCommandLineW
GetCommandLineA
GetACP
GlobalFindAtomA
EnterCriticalSection
ExitProcess
ExitThread
lstrlenA
DeleteFileA
GetModuleFileNameA
IsBadReadPtr
GetModuleHandleW
GetModuleHandleA
LoadLibraryExA

user32

CallWindowProcA
wsprintfA
GetClassLongA
ReleaseCapture
GetMenuItemInfoA
PostMessageA
ShowScrollBar
GetSysColorBrush
GetClassInfoA
SetActiveWindow
GetKeyboardLayoutList
GetActiveWindow
TrackPopupMenu
RegisterClassA
DispatchMessageW
FindWindowA
SetPropA
EmptyClipboard
InflateRect
InsertMenuA
GetScrollPos
EnableWindow

comdlg32

GetOpenFileNameA
GetFileTitleA
FindTextA
ChooseColorA
GetSaveFileNameA

Sections

CODE
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34ac689a2128d1ffa4750d9579e16175

Headers

File Characteristics

Imports

shell32

msvcrt

shlwapi

kernel32

user32

comdlg32

Sections

CODE Size: 83KB - Virtual size: 82KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 8KB

BSS Size: 136KB - Virtual size: 136KB

.rsrc Size: 9KB - Virtual size: 9KB

CODE
Size: 83KB - Virtual size: 82KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 8KB

BSS
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 9KB - Virtual size: 9KB