39eed8cc1085ad220baa06ae33c8e499_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39eed8cc1085ad220baa06ae33c8e499_JaffaCakes118
Size

41KB
MD5

39eed8cc1085ad220baa06ae33c8e499
SHA1

649305cf422bfa3e80323d336038dfa2d5bdfbe6
SHA256

14bddff6f69207c8765618a76d4b441fdd644f91e3e4e189ab4c449529f01357
SHA512

0677965141235e77c775bc8208dd3e1bb68a48de0acd6bf6cddfe9f9830fbc96faa7bb9b2fe0b13b3d8c9d901040a22d10e96d362e138d5718852e18e2d0208a
SSDEEP

768:yBWYLNEEUD61KJDOODKXVXsIDNKllxf7ix5LSN+gGXqn:IVy61KUODKXuGEl7irGVGXq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39eed8cc1085ad220baa06ae33c8e499_JaffaCakes118

Files

39eed8cc1085ad220baa06ae33c8e499_JaffaCakes118
.exe windows:5 windows x86 arch:x86

85f51237b91436c64c6435d230e74d84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHDefExtractIconW
DllRegisterServer
PathResolve
DragFinish
SHChangeNotifyDeregister
PathQualify
DllCanUnloadNow
DriveType
DAD_DragMove
IsLFNDrive
Shell_MergeMenus
DllUnregisterServer
DragAcceptFiles
DllInstall
PifMgr_OpenProperties

EndUpdateResourceA
GetFileAttributesW
FileTimeToSystemTime
LCMapStringA
GetSystemDirectoryW
HeapAlloc
GetLastError
lstrcpyA
HeapFree
lstrcmpW
�GetProcessHeap
�lstrcpyW
�WaitForSingleObject
�IsDebuggerPresent
�CreateEventA
\GetVersion
ZFindResourceA
�lstrcpynW
�SetFileAttributesW
�MapViewOfFile
�OutputDebugStringA
CCreateFileW
iFindResourceW
6GetVersionExA
AInitializeCriticalSection
�FreeLibrary
aGetStartupInfoA
CreateFileMappingA
]ExitProcess
eTerminateProcess
fFindFirstFileA
�GetLocaleInfoA
PHeapSize
oTlsSetValue
TCreateProcessW
�GetSystemTime
�LoadLibraryExW
kGetUserDefaultLCID
�VirtualAlloc
�SetupInstallFromInfSectionA
�GetClientRect
�RegEnumKeyExW
�RegCreateKeyW

Sections

.textbss
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85f51237b91436c64c6435d230e74d84

Headers

File Characteristics

Imports

shell32

Sections

.textbss Size: - Virtual size: 168KB

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 7KB - Virtual size: 6KB

.tls Size: 512B - Virtual size: 592B

.rsrc Size: 11KB - Virtual size: 11KB

.debug Size: 7KB - Virtual size: 7KB

.textbss
Size: - Virtual size: 168KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 7KB - Virtual size: 6KB

.tls
Size: 512B - Virtual size: 592B

.rsrc
Size: 11KB - Virtual size: 11KB

.debug
Size: 7KB - Virtual size: 7KB