193e1ff61d960ed79cc811d4ddb7e9c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

193e1ff61d960ed79cc811d4ddb7e9c3_JaffaCakes118
Size

78KB
MD5

193e1ff61d960ed79cc811d4ddb7e9c3
SHA1

c9f5ce1cc66c21be7e8d49577d4b63c74e1254e5
SHA256

9169b44a235d51c91f4787ba7910efd869b7992ca4cf0b4b4ecb984987eeecd7
SHA512

543b40801d4a8b3fff080df525f5c31f77e76d1b5cb48e462ee861b0f1c91af80888cbcfae25d2651af4d050c2c9002b4650abed354d8cca9dc691980a978c17
SSDEEP

1536:tH97YmbKgoovHm0rUO4/3yzBz+Mubi6vg+6ofjFdzueSsI9O7:td7Ym8IrrW/CzBdJ6vgFobFdzueSsIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193e1ff61d960ed79cc811d4ddb7e9c3_JaffaCakes118

Files

193e1ff61d960ed79cc811d4ddb7e9c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d56a2a36c564c5dc1dff17bb70b66168

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

oleaut32

DllUnregisterServer
GetActiveObject
RegisterActiveObject

ole32

CreateItemMoniker
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
GetRunningObjectTable

advapi32

RegisterServiceCtrlHandlerA
DeregisterEventSource
RegisterEventSourceA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

kernel32

RemoveDirectoryA
LocalAlloc
SetFileTime
GetDiskFreeSpaceA
TerminateProcess
lstrcmpA
GetShortPathNameA
SetFilePointer
GetVersionExA
ExitProcess
GetCurrentProcess
GetWindowsDirectoryA
GetTickCount
GlobalUnlock
FindNextFileA
lstrcpynA
DosDateTimeToFileTime
GetLastError
lstrcmpiA
GetFileAttributesA
FormatMessageA
GetModuleHandleA
GetStartupInfoA
LoadResource
TerminateThread
WriteFile
FlushFileBuffers
lstrcatA
FindClose
GetProcAddress
CreateEventA
GlobalFree
CloseHandle
SetConsoleTitleA
GlobalAlloc
CreateFileA
LoadLibraryExA
GetPrivateProfileIntA
ResetEvent
CreateMutexA
GetSystemDirectoryA
LoadLibraryA
GetDriveTypeA
GetTempPathA
GetModuleFileNameA
GetSystemInfo
QueryPerformanceCounter
lstrcpyA
LocalFree
FreeLibrary
FindFirstFileA
DeleteFileA
LocalFileTimeToFileTime
SetEvent
SizeofResource
GetSystemTimeAsFileTime
MulDiv
CreateProcessA
GetExitCodeProcess
SetCurrentDirectoryA
SetFileAttributesA
LockResource
CreateDirectoryA
ReadFile
GetCurrentThreadId
GetCurrentProcessId
CreateThread
GetTempFileNameA
FreeResource
lstrlenA
IsDBCSLeadByte
FindResourceA
GetVolumeInformationA
SetCommBreak
GetCurrentDirectoryA
GlobalLock
GetCommandLineA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 150KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d56a2a36c564c5dc1dff17bb70b66168

Headers

File Characteristics

Imports

shell32

oleaut32

ole32

advapi32

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 111KB

.rsrc Size: 3KB - Virtual size: 3KB

.shared Size: 150KB - Virtual size: 259KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 111KB

.rsrc
Size: 3KB - Virtual size: 3KB

.shared
Size: 150KB - Virtual size: 259KB