407e23d90258098014029a69faaf5147_JaffaCakes118

General

Target

407e23d90258098014029a69faaf5147_JaffaCakes118
Size

95KB
MD5

407e23d90258098014029a69faaf5147
SHA1

488d97011d0360a999628e261104bf190fa85764
SHA256

5d77e663fb227fa482d7cdc6f6cefc51021123cc566faed279f65c1ef64fe23b
SHA512

7daaa6f1be9665fe865c9e092fab3fc920986d97bf9119e517b4863b9167620f2a43af455caaea4fa140a38107e2e3ecc4f32eb58224c80ce0bfa66077fa4644
SSDEEP

1536:Etzxoib/lxP1/xwV3yHNXLWuu4opK4X+8LygH4qEIH6IFx0CuoDZZp+37g55q59:QVx41yHRuHsd9IDnuCZh4/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
407e23d90258098014029a69faaf5147_JaffaCakes118

Files

407e23d90258098014029a69faaf5147_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb6503b3fe643406515b2cc60338d8db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHBindToParent
SHGetMalloc
SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListA

user32

BeginPaint
CreateMDIWindowA
EnableWindow
EndPaint
LoadIconA
MessageBeep
MessageBoxA
ShowCursor
ShowOwnedPopups

kernel32

GetPrivateProfileStringA
GetLastError
GetFileSize
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcatA
WriteFile
TlsGetValue
TlsAlloc
Sleep
SetUnhandledExceptionFilter
SetLastError
SetEndOfFile
RtlUnwind
LoadLibraryA
InitializeCriticalSection
GetVersion
GetTimeFormatA
GetSystemTime
CloseHandle
CompareStringA
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
ExitProcess
FindResourceA
GetDateFormatA
GetStartupInfoA

olepro32

OleCreatePropertyFrame
OleCreateFontIndirect
OleIconToCursor
OleTranslateColor

dsound

DirectSoundCreate8
DirectSoundEnumerateW
DirectSoundFullDuplexCreate
DirectSoundCaptureEnumerateA

dinput

DirectInputCreateEx
DirectInputCreateA

Sections

.text
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb6503b3fe643406515b2cc60338d8db

Headers

File Characteristics

Imports

shell32

user32

kernel32

olepro32

dsound

dinput

Sections

.text Size: 58KB - Virtual size: 60KB

.rdata Size: 19KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 58KB - Virtual size: 60KB

.rdata
Size: 19KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB