6f202e8d23c30c15ae8c61182b6d102c_JaffaCakes118

General

Target

6f202e8d23c30c15ae8c61182b6d102c_JaffaCakes118
Size

3.7MB
MD5

6f202e8d23c30c15ae8c61182b6d102c
SHA1

94979c02395045beb29b98e958298d654c1f3050
SHA256

92785d1660026f7eb0c3ef3a15b69cd14946ce987bc4973ec3b58bd1b5b217a1
SHA512

4190f6d7e6ba29e5663865af4a52d61bc518bd19892ac5e03f46bdca820d14be7ef6065d54cb28cbac9b15086d23b1e04283d3aaf8dd64df45595dd25b2d337a
SSDEEP

98304:dlCLT/FVFboFY4LxanUed1cNTlqN1mOLg2GwTv9QK:dlCP7FboWHtd1rN17g2Xvp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f202e8d23c30c15ae8c61182b6d102c_JaffaCakes118

Files

6f202e8d23c30c15ae8c61182b6d102c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07a04905258b688e54e60382b22903c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DestroyPropertySheetPage
ImageList_AddMasked
ImageList_GetImageCount
ImageList_DrawIndirect

advapi32

EnumServicesStatusA
CryptGetProvParam
InitiateSystemShutdownA
NotifyBootConfigStatus
SetNamedSecurityInfoA
ObjectDeleteAuditAlarmW
CryptGetHashParam

shell32

ShellExecuteA
SHGetSpecialFolderPathW
Shell_NotifyIconA
DragAcceptFiles

ws2_32

WSASocketW
ntohl
WSALookupServiceEnd
WSALookupServiceBeginA
WSARecv

oleaut32

VariantChangeType
SysAllocStringLen
SafeArrayRedim
SafeArrayCreate
SysFreeString
SafeArrayUnaccessData

ole32

OleSetClipboard
CoGetTreatAsClass
GetClassFile
CoDisconnectObject

user32

ChildWindowFromPointEx
OemToCharBuffA
EnumDisplaySettingsExA

kernel32

GetDriveTypeW
lstrcpynA
GetUserDefaultLCID
GetSystemInfo
GlobalFree
CreateIoCompletionPort
GetLongPathNameA
GetPrivateProfileStringW
WritePrivateProfileStringA
EnumSystemCodePagesA
GetSystemDirectoryW
GetWindowsDirectoryA
LocalSize
GetTimeZoneInformation
lstrcpyA
ExitProcess

Sections

.text
Size: 3KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07a04905258b688e54e60382b22903c8

Headers

File Characteristics

Imports

comctl32

advapi32

shell32

ws2_32

oleaut32

ole32

user32

kernel32

Sections

.text Size: 3KB - Virtual size: 222KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 3KB - Virtual size: 222KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 19KB - Virtual size: 18KB