2995302e7c3518713a18d5128b33b98f_JaffaCakes118

General

Target

2995302e7c3518713a18d5128b33b98f_JaffaCakes118
Size

320KB
MD5

2995302e7c3518713a18d5128b33b98f
SHA1

bc249db6794950c9e4331277d7f99aecd96eddd1
SHA256

91721417bc54e6f846a5c8ad49655e4bc6f32e419711e691afffbce08ace3a50
SHA512

4ca3656a950ee9ec2069adb04893079d94de8a407bf3dfc24f0f03735d5efabf7a1b78363e2fb71bb5f8491523001df549838b32836fcef07e3db3a591fe20d0
SSDEEP

6144:7WZjTbE0iElenXIL3fLgO0xHj8XwWUb2NFhlDdJaeDzK+ztV+YQvtFH:qZze14P8O0xD8XwWiYFvDao++zST

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2995302e7c3518713a18d5128b33b98f_JaffaCakes118

Files

2995302e7c3518713a18d5128b33b98f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8746e9225806ea17fc3b675c2862e05d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetConsoleWindowInfo
OutputDebugStringW
CreateDirectoryW
IsValidLocale
RemoveDirectoryA
GetCommandLineA
lstrlenA
VirtualProtect
GetVersionExA
GetTapeParameters
MoveFileExA
GetCommConfig

user32

SetCursor
SetClipboardViewer
SystemParametersInfoW
FindWindowExW
EnableWindow
GetDC
ToUnicodeEx
LoadImageW
DestroyCaret

gdi32

GetBrushOrgEx
GetTextExtentPointA
GetDIBColorTable
RectVisible

comdlg32

FindTextA
FindTextW

advapi32

AllocateLocallyUniqueId
OpenSCManagerA
RegisterEventSourceA
RegEnumValueA
RegisterEventSourceW
CreateServiceA
RegEnumKeyW
EnumDependentServicesA
EnumServicesStatusA

shell32

SHGetSpecialFolderPathA
SHFileOperationA
SHAddToRecentDocs
DragAcceptFiles

ole32

OleQueryLinkFromData
OleCreateLink
CoQueryProxyBlanket

shlwapi

PathStripToRootW
StrStrIW
PathQuoteSpacesA
PathAddBackslashW
PathRemoveBlanksW
StrTrimA
PathIsDirectoryW

setupapi

SetupDiEnumDriverInfoW
SetupGetLineCountA
SetupDiCreateDeviceInfoW
SetupDiGetDeviceInstallParamsW
SetupOpenFileQueue

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8746e9225806ea17fc3b675c2862e05d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

setupapi

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 32KB - Virtual size: 29KB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 32KB - Virtual size: 29KB