2365d323fcba38104474740b1e7d3df0_JaffaCakes118

General

Target

2365d323fcba38104474740b1e7d3df0_JaffaCakes118
Size

399KB
MD5

2365d323fcba38104474740b1e7d3df0
SHA1

02b2048fb48b6080c1e182a010dfd3f73ea29db2
SHA256

5d55a37e2fccf483267f462fc1df0f6ff1d189c9f9dba88a2adf293787cb49ba
SHA512

98672f76673353aafec73d8684cf58b22e419600988cdcb04c28bd114023f00e43e1666f9700767e4bae6e3f69a632892e99398417664f57bb3eb3e0a462a7df
SSDEEP

6144:/epTzaGK6sJaWnJMD4pcO6Jm9sPKOse0+nIQk819xBWB1s1phtV8GzBj7+a:/GTzaUoasMDiem4nnN7WBcphoc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2365d323fcba38104474740b1e7d3df0_JaffaCakes118

Files

2365d323fcba38104474740b1e7d3df0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10a709fa7dfebc010b0d04e37b12e81c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesA
GlobalFix
SetConsoleOutputCP
GetVersionExW
QueryPerformanceCounter
CopyFileA
HeapAlloc
LoadLibraryA
EnumTimeFormatsW
ExitProcess
ReadFileEx
EnumDateFormatsExA
DebugBreak
CreateThread
InterlockedExchange
GetTickCount
SetEndOfFile
GetModuleHandleA
EnumTimeFormatsA
GetPrivateProfileStructA
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
UnmapViewOfFile
GetCurrentThreadId
VirtualAlloc
FillConsoleOutputAttribute
GetProcAddress
ReleaseSemaphore
GetCurrentProcess
HeapFree
DeleteFileW
WriteProfileStringA
SetConsoleTitleW
GetCurrentProcessId
VirtualQuery
LoadLibraryExA
SuspendThread
GetSystemTimeAsFileTime

shell32

SHFreeNameMappings
SheChangeDirExW
CommandLineToArgvW
SHAppBarMessage
RealShellExecuteA
ExtractAssociatedIconExW
SheGetDirA
SHBrowseForFolder
SHGetPathFromIDListW
SHInvokePrinterCommandA
SHGetPathFromIDList
SHGetFileInfoW
SHAddToRecentDocs
SHQueryRecycleBinW
SHEmptyRecycleBinW
ShellAboutW
SHLoadInProc

wininet

InternetWriteFile
InternetReadFile
InternetTimeToSystemTimeA
ReadUrlCacheEntryStream
IsHostInProxyBypassList

advapi32

LookupPrivilegeValueA
RegQueryValueExA
RegCreateKeyExW
CryptGenRandom

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10a709fa7dfebc010b0d04e37b12e81c

Headers

File Characteristics

Imports

kernel32

shell32

wininet

advapi32

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 265KB - Virtual size: 264KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 265KB - Virtual size: 264KB

.rsrc
Size: 7KB - Virtual size: 7KB