7345f19d06e519597fdd0459bc239895_JaffaCakes118

General

Target

7345f19d06e519597fdd0459bc239895_JaffaCakes118
Size

179KB
MD5

7345f19d06e519597fdd0459bc239895
SHA1

7ffacd071fac23fb2c4d249f5dca3b03ef79d6d2
SHA256

dae23506a2bfadbaa27538f1fdc25c9c3f3dbb22c9ee2f280c638353722bb4bc
SHA512

636610e52471dfd8a7a9449da655646c081866893b6520b566ed962b16eb89adb8cc475fb47a0ddb7953ed680718858f2169983ddeef39c448eb3c332a6b6a79
SSDEEP

3072:OlO0ZnR1HTd0nbw+ZHOsk5b+o2aEs9dV/9USWzqOdCHn3GuKwGYvGQreG0R51:S7TunlZHOsk5b2kL/uSbWjKryp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7345f19d06e519597fdd0459bc239895_JaffaCakes118

Files

7345f19d06e519597fdd0459bc239895_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb5619469b6daa0dee86392055e18664

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
UrlCombineW
UrlApplySchemeW
UrlCanonicalizeW
UrlGetPartW
PathAppendW

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

LoadLibraryExW
CreateFileW
HeapFree
GetProcessHeap
lstrlenW
GetCurrentThreadId
GetThreadLocale
GetSystemTimeAsFileTime
LocalAlloc
HeapDestroy
lstrlenA
GetSystemTime
GetLocaleInfoA
IsDebuggerPresent
WriteFile
UnhandledExceptionFilter
GetCurrentProcessId
HeapSize
GetStartupInfoA
SystemTimeToFileTime
HeapReAlloc
LoadLibraryW
GetTickCount
GetCurrentProcess
CloseHandle
EnumResourceTypesW
CreateProcessA
GetStdHandle
SetUnhandledExceptionFilter
GetEnvironmentVariableA
WideCharToMultiByte
GetACP
ResetWriteWatch
InterlockedExchange
TerminateProcess
HeapAlloc
MultiByteToWideChar
InterlockedCompareExchange
QueryPerformanceCounter
Sleep
GetModuleHandleA
RaiseException
HeapFree
lstrcpynW

msimg32

TransparentBlt

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSRegisterSessionNotification

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb5619469b6daa0dee86392055e18664

Headers

File Characteristics

Imports

shlwapi

oleacc

kernel32

msimg32

wtsapi32

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 512B - Virtual size: 4KB