75e2a75fd848e75e948f8ba28f74912c_JaffaCakes118

General

Target

75e2a75fd848e75e948f8ba28f74912c_JaffaCakes118
Size

3.7MB
MD5

75e2a75fd848e75e948f8ba28f74912c
SHA1

46194310117d1f6002e4309fc884c329503c0373
SHA256

93f9dd967230676d6eff729abd54766b008ccedf2f024bfe45237742d693687a
SHA512

c460e038bb8819f53f53c950c3616782db20fcc030c83f724071e2d6c2a198d8681a00e9ea63b6964d275d1eb4666259fbeedfcb86f07ad4f453ca633038fdea
SSDEEP

98304:B2o4yIOTYI8LmpNEHoYUK3W4nDNayxawtRvgh:ZQOR86p+2wxnpayowtRvgh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75e2a75fd848e75e948f8ba28f74912c_JaffaCakes118

Files

75e2a75fd848e75e948f8ba28f74912c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAAsyncGetProtoByNumber
shutdown
WSAHtons
WSAEnumProtocolsW

shell32

DragQueryPoint
SHChangeNotify

ole32

CoSwitchCallContext
CoGetTreatAsClass

kernel32

GetTickCount
EnumDateFormatsW
SetConsoleOutputCP
lstrcmpA
OpenFile
ReleaseSemaphore
EnumTimeFormatsW
ExpandEnvironmentStringsW
CreatePipe
GetUserDefaultLangID
ExitProcess
TryEnterCriticalSection
GetTempFileNameA
LoadLibraryExW
OutputDebugStringA
GetCPInfo
IsBadReadPtr
GetSystemDefaultLangID
PeekConsoleInputW
VirtualAllocEx
AllocConsole

user32

ChildWindowFromPointEx
TabbedTextOutA
CreateCursor
MsgWaitForMultipleObjectsEx
wsprintfW
VkKeyScanW
GetPropA

version

VerFindFileA

oleaut32

LoadTypeLibEx
VariantChangeType
SysAllocStringLen
SafeArrayCreate
SetErrorInfo
LoadTypeLi

msvcrt

_ismbcspace
_eof
_ismbcdigit
_putws
bsearch
_cwait
fwprintf
_isctype
strtok
rename
_stricoll
fgetc
_wcsupr
getenv
_close
tolower
_wtoi
strspn
wcsftime
_chdrive
_mbsupr
_beginthreadex
_wgetenv

Sections

.text
Size: 2KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

Imports

ws2_32

shell32

ole32

kernel32

user32

version

oleaut32

msvcrt

Sections

.text Size: 2KB - Virtual size: 221KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 221KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB