761e83b943ff6633e33d651094d4d10a_JaffaCakes118

General

Target

761e83b943ff6633e33d651094d4d10a_JaffaCakes118
Size

153KB
MD5

761e83b943ff6633e33d651094d4d10a
SHA1

693c6b5b670a9cbd39d8f94f29861a909c1a8c73
SHA256

b80d607f6d65cf005690914366d4a46b0dce371b69d7db132012525706742526
SHA512

0760804cc527429272053352be64088e7bb4ae18e9aeafcfbd3fd76e5f6c4d0d5f6f4ae483143cffb6fb41091f593c6586d0bab6edd20a710744bb3b66041433
SSDEEP

3072:sDP0xkKsE7gVfTTm+7H7BcysKZJK4/TUT6b6Kn/FOfPLtIog8cgy+:sDshMBPm+77qcTYKnInLtIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
761e83b943ff6633e33d651094d4d10a_JaffaCakes118

Files

761e83b943ff6633e33d651094d4d10a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c1c905e1b09beefb5b5f83bdc7fccb35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeviceIoControl
GetStartupInfoA
GetFileTime
GetModuleHandleA
WideCharToMultiByte
SetThreadLocale
SetLastError
CreateProcessW
GetCommandLineW
GetStartupInfoW
WriteConsoleA
VirtualProtect
GetStringTypeA
OutputDebugStringA
GetSystemInfo
GetCurrentProcess
GetUserDefaultLCID

user32

GetClassNameA
GetSysColor
GetScrollPos
GetSubMenu
SetRect
CloseClipboard
WinHelpA
IsWindow
IsChild

msvcrt

log10
__getmainargs
__set_app_type
abort
_fileno
_initterm
_acmdln
_except_handler3
exit
_getcwd
__setusermatherr
_XcptFilter
__p__fmode
__p__commode
_adjust_fdiv

comctl32

CreateToolbarEx
ImageList_Read
ImageList_Create
ImageList_DragEnter
InitCommonControlsEx
CreatePropertySheetPageW
PropertySheetA

shell32

ExtractAssociatedIconW
SHGetSpecialFolderPathW
SHBrowseForFolder
SHGetPathFromIDListW
SHAddToRecentDocs
ShellExecuteExA
SHBrowseForFolderA
SHBrowseForFolderW
SHBindToParent

oleaut32

SafeArrayPutElement
VariantCopyInd
CreateErrorInfo
SysReAllocStringLen
SafeArrayRedim

advapi32

CryptGenRandom
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExA
GetLengthSid
RegDeleteValueA

ole32

CoUninitialize
ReleaseStgMedium
CoReleaseMarshalData
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoInitializeEx
CoRevokeClassObject
CoTaskMemFree
RegisterDragDrop

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c1c905e1b09beefb5b5f83bdc7fccb35

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

shell32

oleaut32

advapi32

ole32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 141KB - Virtual size: 140KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 141KB - Virtual size: 140KB

.data
Size: 6KB - Virtual size: 6KB