2c4bd1522d0920946298ec2ae419d6c4_JaffaCakes118

General

Target

2c4bd1522d0920946298ec2ae419d6c4_JaffaCakes118
Size

166KB
MD5

2c4bd1522d0920946298ec2ae419d6c4
SHA1

3349a125ab39c937d97a9327e8909a6859b29cf3
SHA256

649daafc81b0354fa7f753a672f2d0c6d2407422ef7d70bdc0a1af6aa19cc481
SHA512

ceb27f110113aa3f0d67faea5984a8f20859ee9481ac9bcb811ced2f5c2dccb916e0b61e9922f895506fc9454ae4f9f9b55274d4f06b7a567837b1b82040f35b
SSDEEP

3072:WGsOjf4iUPtCzw0Mh6rz/adu2IXw0UBj+CC+HmHGzJSAzz:5xMJtCECzCdulA0A+0mHGI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c4bd1522d0920946298ec2ae419d6c4_JaffaCakes118

Files

2c4bd1522d0920946298ec2ae419d6c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6728d395e091c556dbf68f2730ea385

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetLastError
GlobalGetAtomNameA
WritePrivateProfileStringW
FindClose
FindCloseChangeNotification
GetPrivateProfileIntW
LoadResource
FindFirstChangeNotificationW
GetCurrentThreadId
lstrlenW
DeleteFileW
GlobalAlloc
FindNextChangeNotification
LoadLibraryA
InterlockedIncrement
FileTimeToLocalFileTime
GlobalSize
GetVersion
GetProcAddress
MultiByteToWideChar
FreeLibrary
GetCurrentDirectoryW
GetTickCount
WideCharToMultiByte
EnumResourceTypesA
FindFirstFileW
lstrcpynW
GlobalFree
LockResource
GetVersionExA
WaitForSingleObject
LoadLibraryW
SetFileAttributesW
IsValidCodePage
Sleep
lstrcmpW
LoadLibraryExW
ResumeThread
CloseHandle
FileTimeToSystemTime
GetModuleHandleW
FindResourceW
GlobalUnlock
GetVersionExW
MulDiv
GetPrivateProfileStringW
GetModuleFileNameW
GetLocaleInfoW
lstrcpyW
GetFileAttributesW
DeleteCriticalSection
InitializeCriticalSection
SetThreadPriority

shell32

SHIsFileAvailableOffline
ShellExecuteExA
SHGetPathFromIDListA
ShellExecuteW
CommandLineToArgvW
SHBrowseForFolderA
SHGetFolderPathW
SHFileOperationW
SHGetFileInfoA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6728d395e091c556dbf68f2730ea385

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 2KB - Virtual size: 401KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 2KB - Virtual size: 401KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 512B - Virtual size: 4KB