64573efc650cf77736fe0f16e7170b99_JaffaCakes118

General

Target

64573efc650cf77736fe0f16e7170b99_JaffaCakes118
Size

274KB
MD5

64573efc650cf77736fe0f16e7170b99
SHA1

05aaa221ea4cc52a1b3ca4c8cca5c0acc5ffd4f3
SHA256

8f9bce3b54dea5fb2615ab4e9840d105b725cf15afbb75aa3fa5b619a3606feb
SHA512

b8e76aa5d599141bb3e46d4f492a52e966fdcea7a86d104d7c912bcd3a80380dc4f9461af11053bea81d2f00af8fb075e7fcde1c04b1a5cab73a5c114dea61be
SSDEEP

6144:u23cM6zWSq4i1T7W2KTO3VyT3fV8b66uzN40MhnlsD+XG9/A:93Szw4i1W2KTOW3d8bflsbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64573efc650cf77736fe0f16e7170b99_JaffaCakes118

Files

64573efc650cf77736fe0f16e7170b99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

800e0ba838bfd62deab9a53eb3f2a9cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GlobalGetAtomNameA
WaitForSingleObject
Sleep
FreeLibrary
SetFileAttributesW
FindClose
GetLastError
GetPrivateProfileIntW
MulDiv
FindFirstFileW
GetLocaleInfoW
LoadResource
FileTimeToLocalFileTime
lstrcpynW
GlobalAlloc
GlobalUnlock
GetModuleHandleW
GetVersionExW
GetTickCount
MultiByteToWideChar
GetPrivateProfileStringW
GetCurrentDirectoryW
CloseHandle
GetModuleFileNameW
ResumeThread
WideCharToMultiByte
GlobalLock
GetVersionExA
FileTimeToSystemTime
EnumResourceTypesA
GetProcAddress
IsValidCodePage
GetVersion
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSection
GlobalSize
GetCurrentThreadId
FindNextChangeNotification
LockResource
GetFileAttributesW
FindFirstChangeNotificationW
lstrcmpW
WritePrivateProfileStringW
InterlockedIncrement
DeleteFileW
LoadLibraryA
FindCloseChangeNotification
GlobalFree
LoadLibraryExW
lstrcpyW
FindResourceW
SetThreadPriority

shell32

SHIsFileAvailableOffline
ShellExecuteExA
SHGetFileInfoA
ShellExecuteExW
SHFileOperationW
SHGetPathFromIDListA
CommandLineToArgvW
SHGetFolderPathW
SHBrowseForFolderA
ShellExecuteW
Shell_NotifyIconA

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

800e0ba838bfd62deab9a53eb3f2a9cb

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 2KB - Virtual size: 137KB

.data Size: 153KB - Virtual size: 152KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 2KB - Virtual size: 137KB

.data
Size: 153KB - Virtual size: 152KB

.rsrc
Size: 512B - Virtual size: 4KB