3092048b1bf55760778d86d42034e635_JaffaCakes118

General

Target

3092048b1bf55760778d86d42034e635_JaffaCakes118
Size

959KB
MD5

3092048b1bf55760778d86d42034e635
SHA1

5a2318a6ac2c9db35ad6c7c93f04280a2f7a226c
SHA256

2c6b80e6082632f2456e1c9ba69cfe7286b5afceed1aa83b815a8bc468798998
SHA512

5a61015a9aba7f91ec800768c7499a34daf5a689ffa77584214c7ab50a91e29c7d896e326a7cfaff06061e90300e85a591ce0e37364413dfec9be0f50c36619a
SSDEEP

24576:BwVsw7EGdrRQ3Laz7gknBrJIJ0HzE1pkAXbvbFD7A37ZX1D5v:KVsw/RhgJJ0HIMALOdFD5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3092048b1bf55760778d86d42034e635_JaffaCakes118

Files

3092048b1bf55760778d86d42034e635_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da51115f6e3a78c29e63bb661d6da9b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
StrToIntA

user32

DestroyIcon
CreatePopupMenu
DestroyWindow
LoadStringW
DispatchMessageA
InsertMenuItemA
GetMessageA
TrackPopupMenu
SetMenuDefaultItem
CharNextW
MessageBoxA
DestroyMenu
FindWindowA
GetWindowTextW
RegisterClassA
EnableMenuItem
DefWindowProcA
RegisterWindowMessageA
LoadImageA
GetAsyncKeyState
CreateWindowExA
SendMessageA
InsertMenuItemW
GetCursorPos
SetForegroundWindow
CharNextA
PostQuitMessage

msvfw32

DrawDibProfileDisplay
ICRemove

kernel32

GetDriveTypeW
lstrlenA
LoadLibraryExA
GetModuleFileNameA
GetModuleHandleA
GetTickCount
GetPrivateProfileStringA
CloseHandle
ReadFile
GetVolumeInformationW
ExitProcess
GetLogicalDrives
CreateFileA
lstrlenW
SetErrorMode
FreeLibrary
GetPrivateProfileIntA
lstrcpynW
GlobalAlloc
SetFilePointer
GetEnvironmentVariableA
lstrcpynA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
Shell_NotifyIconW

advapi32

RegDeleteValueA
RegCloseKey
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 516KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 405KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da51115f6e3a78c29e63bb661d6da9b8

Headers

File Characteristics

Imports

shlwapi

user32

msvfw32

kernel32

shell32

advapi32

Sections

.text Size: 516KB - Virtual size: 515KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 405KB - Virtual size: 3.7MB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 516KB - Virtual size: 515KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 405KB - Virtual size: 3.7MB

.rsrc
Size: 34KB - Virtual size: 34KB