3b1e3919bca9b3cc3c3ac503c724d3bf_JaffaCakes118

General

Target

3b1e3919bca9b3cc3c3ac503c724d3bf_JaffaCakes118
Size

166KB
MD5

3b1e3919bca9b3cc3c3ac503c724d3bf
SHA1

48012b30ce5a716aeb53ca6edaec71e5e297d079
SHA256

cedd281bdf451f98a7ff5a788c537d85fe80b77697032c71f98893af75f05d24
SHA512

d9aa886876ce8723f1f4d47b1f100f6822ae11fccb601b075865c5230ee2ceb66d131f4b299222056beb0b1360d7b3b431ee6abcd516117336a09d53c583d7f7
SSDEEP

3072:ZxO2Q4jCKWEl/+ioir6O0u/INi07BgYUEXoxMtQ7UFeLRAJ8Mrgegt+1s:SfA/l/+HOvw31qmy7SeLqJ8MrpE+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b1e3919bca9b3cc3c3ac503c724d3bf_JaffaCakes118

Files

3b1e3919bca9b3cc3c3ac503c724d3bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

614e5bc154920e5afba4d658b9436b53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
lstrcmpW
GetVersion
LoadResource
GetModuleHandleW
GetAtomNameA
lstrcpynW
FindResourceW
SetFileAttributesW
GetCurrentDirectoryW
GetVersionExW
InitializeCriticalSection
CloseHandle
GetPrivateProfileStringW
MulDiv
WideCharToMultiByte
DeleteCriticalSection
FindClose
GetProcAddress
DeleteFileW
lstrlenW
FileTimeToSystemTime
LoadLibraryA
FreeLibrary
InterlockedIncrement
EnumResourceTypesA
GetPrivateProfileIntW
GlobalAlloc
GetVersionExA
ResumeThread
GetCurrentThreadId
FindNextChangeNotification
Sleep
IsValidCodePage
GetLocaleInfoW
GlobalSize
FindCloseChangeNotification
FindFirstFileW
LockResource
lstrcpyW
MultiByteToWideChar
GetFileAttributesW
GetModuleFileNameW
FileTimeToLocalFileTime
LoadLibraryW
FindFirstChangeNotificationW
GlobalUnlock
GetTickCount
GetLastError
WaitForSingleObject
GlobalFree
WritePrivateProfileStringW
GlobalLock
SetThreadPriority

shell32

SHGetImageList
ShellExecuteExA
SHGetFolderPathW
SHGetFileInfoA
ShellExecuteW
CommandLineToArgvW
SHFileOperationW
SHGetPathFromIDListA
ShellExecuteExW
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

614e5bc154920e5afba4d658b9436b53

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 2KB - Virtual size: 401KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 2KB - Virtual size: 401KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB