0e0e548744660655269e1a83249f0022_JaffaCakes118

General

Target

0e0e548744660655269e1a83249f0022_JaffaCakes118
Size

190KB
MD5

0e0e548744660655269e1a83249f0022
SHA1

be250d312f2baf072c7ec10ed5240513bc9fa54d
SHA256

2df9600aa4cceee71ba2adf7d83503f12b0bef1bcf64e03c2cfe973d474a415d
SHA512

2f415fba2493558c349f96541fbc48eb736cec451e38b14bfb607c410c2b3cfcf4dfd77d31bc15d1454f1fbf83dc63dd26ea4528e904f9b49784a4e933c7a1d1
SSDEEP

3072:Q9LIlPiwQHjhToozLEtNOb7AUzUt9ujShCnJqFeQZ6m5VHJyJKBGfAd2jykY/dz1:wLIlPmHjVokLEte7lA+lnAFeQn3HJyRb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e0e548744660655269e1a83249f0022_JaffaCakes118

Files

0e0e548744660655269e1a83249f0022_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a4dd5531fc26390c3e55750ee05ce41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

GetAcceptLanguagesA
PathFindExtensionW
UrlCreateFromPathW
PathRemoveFileSpecW
StrCmpIW
PathCreateFromUrlW
PathAppendW
UrlUnescapeW
PathIsRelativeW
PathCombineW

kernel32

CopyFileW
GetProcessHeap
GlobalFindAtomW
HeapAlloc
FindNextFileW
HeapFree
SetFileAttributesW
GetCurrentDirectoryW
LoadLibraryW
LoadLibraryExW
FreeLibrary
GetCurrentProcessId
GetModuleHandleA
GetPrivateProfileIntW
EnumResourceLanguagesA
WaitForSingleObject
ExpandEnvironmentStringsW
FindFirstFileW
GetModuleHandleW
lstrlenA
GetWindowsDirectoryA
LoadLibraryExA
LocalFree
GetSystemInfo
lstrcmpiW
FormatMessageW
GetSystemDirectoryW
ReleaseMutex
CreateMutexW
FindClose
WritePrivateProfileStringW
GetPrivateProfileStringW
GetProcAddress
GetCurrentProcess

rpcrt4

UuidCreate

Sections

.text
Size: 102KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a4dd5531fc26390c3e55750ee05ce41

Headers

File Characteristics

Imports

shell32

shlwapi

kernel32

rpcrt4

Sections

.text Size: 102KB - Virtual size: 238KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 102KB - Virtual size: 238KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 1024B - Virtual size: 4KB