16cb938028955eb10b8a344bb5c2cebe_JaffaCakes118

General

Target

16cb938028955eb10b8a344bb5c2cebe_JaffaCakes118
Size

328KB
MD5

16cb938028955eb10b8a344bb5c2cebe
SHA1

f26e6086e86d8e197446366be3072e6c7ad2957a
SHA256

22fb4d1237cc031870db893aff0bb70f685a3bb2603a4fed77ce9b0d7df9151f
SHA512

010702b85650c9d514c9f76e82873d485f32b211949e2d92e4a5f10f896ea108995e7135fcbf30d8cae70c81faeeee06032fdfb193dde42c1a141fe594d85856
SSDEEP

6144:wsd3thpfWHRCcJUBWFnclMaqoFXsn4LOxIEjtKWpf1VVN1UNz9HqF:53tjfWHXZpMinLxfKWpf1VVN1I9HqF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16cb938028955eb10b8a344bb5c2cebe_JaffaCakes118

Files

16cb938028955eb10b8a344bb5c2cebe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfce0d72d2b5eb382422e155881442ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
WritePrivateProfileSectionA
RegisterWowBaseHandlers
DeleteFileW
SetCommMask
GetConsoleAliasesA
GetTapePosition
CreateProcessInternalW
WaitForSingleObjectEx
SetConsolePalette
IsBadHugeWritePtr
lstrcpyn
WriteConsoleW

user32

LoadCursorFromFileA
GetPropW
DdeAddData
GetScrollRange
DdeQueryNextServer

shell32

DragAcceptFiles
SHGetDataFromIDListA
SHGetDataFromIDListW
SheGetDirA
SHBindToParent
SHCreateProcessAsUserW
RealShellExecuteExW
SHGetIconOverlayIndexA
SHCreateDirectoryExW

gdi32

PATHOBJ_bEnum
GetTextCharset
SetColorAdjustment
StartPage
GdiEntry10
EnumFontsA
FONTOBJ_pfdg
SetWinMetaFileBits
GetKerningPairs
GetEnhMetaFilePaletteEntries
GetDIBColorTable
SwapBuffers

Sections

nqbadhci
Size: 20KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

o3q.2eyw
Size: 52KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

cu127uog
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

oi5kped.
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yihl.vpk
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfce0d72d2b5eb382422e155881442ab

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

Sections

nqbadhci Size: 20KB - Virtual size: 450KB

o3q.2eyw Size: 52KB - Virtual size: 90KB

cu127uog Size: 248KB - Virtual size: 246KB

oi5kped. Size: - Virtual size: 244KB

yihl.vpk Size: 4KB - Virtual size: 2KB

nqbadhci
Size: 20KB - Virtual size: 450KB

o3q.2eyw
Size: 52KB - Virtual size: 90KB

cu127uog
Size: 248KB - Virtual size: 246KB

oi5kped.
Size: - Virtual size: 244KB

yihl.vpk
Size: 4KB - Virtual size: 2KB