6ad0243cfdf2ac9af48599af491f80b3_JaffaCakes118

General

Target

6ad0243cfdf2ac9af48599af491f80b3_JaffaCakes118
Size

286KB
MD5

6ad0243cfdf2ac9af48599af491f80b3
SHA1

8de16279befa53713e825aa28e6352d7d90c9d07
SHA256

723d583a002776758a2852cfe94bfc798b3a346fdf340a463e4677a8f8dbf454
SHA512

8f45e82bb5d04e8adaf1e70c8e6a31782d8695ba606c43d76132c759665f405b7922008f5a14d4817fcd912039a343cf4b609b1c6850df7fdc1f0cfa9733cf6c
SSDEEP

6144:jL8wlciVX7xX2zuXfsxpJUVMNjNAh95cJSPBqQP:jIfgp25xbUV8AhncJSPBqQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ad0243cfdf2ac9af48599af491f80b3_JaffaCakes118

Files

6ad0243cfdf2ac9af48599af491f80b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2d8947a447e94f91004007555af474e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

rpcrt4

UuidCreate

kernel32

HeapFree
GetPrivateProfileStringW
GlobalFindAtomW
FindFirstFileW
lstrlenA
GetSystemInfo
GetProcessHeap
GetCurrentProcessId
GetModuleHandleW
FindClose
WritePrivateProfileStringW
LoadLibraryExA
HeapAlloc
LoadLibraryExW
GetWindowsDirectoryA
GetModuleHandleA
GetPrivateProfileIntW
EnumResourceLanguagesA
FindNextFileW
ExpandEnvironmentStringsW
WaitForSingleObject
GetSystemDirectoryW
CopyFileW
GetPrivateProfileIntW
LoadLibraryW
SetFileAttributesW
FreeLibrary
ReleaseMutex
CreateMutexW
lstrcmpiW
GetCurrentDirectoryW
LocalFree
GetCurrentProcess

shlwapi

GetAcceptLanguagesA
PathCreateFromUrlW
PathIsRelativeW
StrCmpIW
PathRemoveFileSpecW
PathFindExtensionW
UrlUnescapeW
PathAppendW
UrlCreateFromPathW
PathCombineW

Sections

.text
Size: 145KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2d8947a447e94f91004007555af474e

Headers

File Characteristics

Imports

shell32

rpcrt4

kernel32

shlwapi

Sections

.text Size: 145KB - Virtual size: 273KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 137KB - Virtual size: 136KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 273KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 137KB - Virtual size: 136KB

.rsrc
Size: 1024B - Virtual size: 4KB