6009ce5c8efa2e0d9347335201d50580_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6009ce5c8efa2e0d9347335201d50580_JaffaCakes118
Size

122KB
MD5

6009ce5c8efa2e0d9347335201d50580
SHA1

4d3a059f53077e0bde7f718b805daaab7db2e978
SHA256

42357ca82109b01018ba69778e102bd78cf18002ec7a9afe838c9e3712a584f9
SHA512

958c70998926ce055a6113406fd8397a32525719384f5571957af0a23faf2b6b3ebb9f3b2852aacdf689a2dabe032984b6ae7209015a8a1be441b4181349efe2
SSDEEP

3072:puI3F2KqhXL7wP9tm2PUbJhFgvBaCxZ2RRcQdFA0AzKbG:pFq9L7wm2sbWaCxgsdKbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6009ce5c8efa2e0d9347335201d50580_JaffaCakes118

Files

6009ce5c8efa2e0d9347335201d50580_JaffaCakes118
.exe windows:5 windows x86 arch:x86

89694c761ac31ad9a2b9ded56ce90d47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetFocus
IsRectEmpty
GetWindowDC
GetWindowInfo

comctl32

PropertySheetA

oleaut32

SysAllocStringLen
VariantClear
SysStringLen
VariantCopyInd

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

kernel32

Sleep
GetLogicalDriveStringsW
lstrcmpiW
GetPrivateProfileSectionW
GetVolumeInformationW
GetEnvironmentStrings
HeapFree
ReadFile
InterlockedIncrement
GetCurrentProcess
UnhandledExceptionFilter
GetCurrentDirectoryW
LocalAlloc
GlobalFree
CreateMutexW
GetTempPathW
SetHandleContext
LoadLibraryW
MultiByteToWideChar
CreateFileW
GetWindowsDirectoryW
GetCurrentThreadId
GetPrivateProfileStringW
LocalReAlloc
DeviceIoControl
CopyFileW
CreateDirectoryW
FreeLibrary
DeleteFileW
CloseHandle
GetVersionExA
SetLastError
GetDiskFreeSpaceExW
CreateProcessW
OpenSemaphoreA
GetDateFormatW
SetCurrentDirectoryW
GetTimeFormatW
QueryPerformanceCounter
SetUnhandledExceptionFilter
IsValidLocale
GetProcAddress
ReleaseMutex
FindNextFileW
GetModuleHandleA
WriteFile
GetTickCount
lstrlenW
GetModuleFileNameW
LocalLock
LocalFree
GetDriveTypeW
ExpandEnvironmentStringsW
GetExitCodeProcess
FindClose
WideCharToMultiByte
GetPrivateProfileIntW
HeapAlloc
VirtualQuery
FindFirstFileW
TerminateProcess
RaiseException
InterlockedExchange
OpenEventW
GetStartupInfoA
lstrlenA
GetCurrentProcessId
SetFilePointer
GetFileAttributesW
GetCommandLineW
GlobalAlloc
FormatMessageW
GetProcessHeap
InterlockedDecrement
GetFullPathNameW
GetSystemDirectoryW
GetSystemTimeAsFileTime
lstrcmpW

shlwapi

PathIsNetworkPathA
PathIsRelativeW
StrCmpLogicalW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sujq
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 109KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89694c761ac31ad9a2b9ded56ce90d47

Headers

File Characteristics

Imports

user32

comctl32

oleaut32

shell32

kernel32

shlwapi

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 9KB

.sujq Size: 3KB - Virtual size: 3KB

.edata Size: 109KB - Virtual size: 127KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 9KB

.sujq
Size: 3KB - Virtual size: 3KB

.edata
Size: 109KB - Virtual size: 127KB