34427577275ddbcbb03e889f08df55ab_JaffaCakes118

General

Target

34427577275ddbcbb03e889f08df55ab_JaffaCakes118
Size

189KB
MD5

34427577275ddbcbb03e889f08df55ab
SHA1

c320299a6aabb7cafd78fefb5e09db1ec0f20304
SHA256

04424dba485481aad73cc6b727e05e5f53489fee6819ff3dc5ce3296a9c97104
SHA512

961104a6643fbdb6b7f42340e4d5c71ed125027bdd39ed3896bf44f5c1c76f9660e74d9986ae08fbe88cb4ed15c6c72a896fb8ea6ff6398764052c13ab7a50e5
SSDEEP

3072:SuVdQA9HzkQtX0APv8hxQhyvlZ1Nu2V2q7HdDkV0wfmz5gbLtWithUvfTz13c/k8:ZVrftEA38hahytZbu2l7HSV0WmzibJtN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34427577275ddbcbb03e889f08df55ab_JaffaCakes118

Files

34427577275ddbcbb03e889f08df55ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe39f6a094971d257d1bd176d13e1773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryMemoryResourceNotification
SetFileAttributesW
CopyFileA
lstrlenA
CreateDirectoryA
SetFileAttributesA
lstrcmpA
FindNextFileA
DisableThreadLibraryCalls
SetCurrentDirectoryW
InterlockedIncrement
GetFileAttributesW
SetErrorMode
InterlockedDecrement
MultiByteToWideChar
CreateFileA
GetTempPathA
WaitForSingleObject
GetFileSize
FindFirstFileW
LocalAlloc
GetTempPathW
LocalFree
GetExitCodeThread
ReadFile
EnumResourceTypesW
FindClose
DeleteFileA
FreeLibrary
GetLastError
GetPrivateProfileStringA
GetModuleFileNameW
GetCurrentDirectoryW
CloseHandle
GetModuleFileNameA
GetFileAttributesA
GetVersionExA
DeleteFileW
GetTempFileNameW
WideCharToMultiByte
FindNextFileW
GetTempFileNameA

ole32

CoMarshalHresult
StringFromCLSID
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoInitialize
CLSIDFromString
CoRegisterClassObject
CreateItemMoniker
CoTaskMemFree
CoFreeUnusedLibraries
GetRunningObjectTable
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe39f6a094971d257d1bd176d13e1773

Headers

File Characteristics

Imports

kernel32

ole32

gdiplus

Sections

.text Size: 116KB - Virtual size: 115KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 68KB

.reloc Size: 1024B - Virtual size: 104KB

.text
Size: 116KB - Virtual size: 115KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 68KB

.reloc
Size: 1024B - Virtual size: 104KB