735b40a301810d054b6c553fff3a694e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

735b40a301810d054b6c553fff3a694e_JaffaCakes118
Size

232KB
MD5

735b40a301810d054b6c553fff3a694e
SHA1

896d31d939b2eefb7a2a57698b93a039aa03a4d8
SHA256

20756cce89a20b6914f94a2368d3603b3be837cdc093ac0130ff2b1cd05936ea
SHA512

6a90017740dbbd1ba253d046a835bf67bc2896cd6541fd0432d0371bf1f3f6600ff610d3ab9cfae08db22c87f0dbe040dd2926f0795f06f19fe4c24505e0d24f
SSDEEP

3072:6xYE/3f4A2HdjVnF1Fx6rRwzkYZDRpvNzxHJ5kajI6SVjWX8Y9/MTBuDKM4bbEdI:Onf/2xlF/x09WDPvEgIpVaX5ysmM4MI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
735b40a301810d054b6c553fff3a694e_JaffaCakes118

Files

735b40a301810d054b6c553fff3a694e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a25e681ec6caff3fbac7e214b77a6e42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tan
memmove
malloc

shlwapi

SHStrDupA
PathIsContentTypeA
SHQueryInfoKeyA
PathFileExistsA
SHDeleteValueA
PathIsDirectoryA
SHSetValueA
SHEnumValueA
PathGetCharTypeA
SHDeleteKeyA

advapi32

RegCreateKeyExA
RegCreateKeyA

oleaut32

SysReAllocStringLen
GetErrorInfo

version

GetFileVersionInfoSizeA

ole32

CoGetContextToken
CreateOleAdviseHolder
CoRegisterClassObject
CoDisconnectObject
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoCreateFreeThreadedMarshaler
CoCreateGuid

user32

DefFrameProcA
CreateWindowExA
GetClassInfoA
ClientToScreen
CheckMenuItem
CreateIcon
CreateMenu
GetFocus
BeginDeferWindowPos
CreatePopupMenu
GetForegroundWindow
DrawMenuBar

gdi32

RestoreDC
CreateCompatibleDC
GetRgnBox
CreatePalette
CreateFontIndirectA
CreateDIBitmap
SetBkMode
GetDIBColorTable

kernel32

GetLastError
GetCurrentThread
WaitForSingleObject
GetProcAddress
LoadLibraryExA
lstrlenA
GetModuleHandleA
CompareStringA
GetCommandLineA
GetCurrentProcessId
ExitProcess
GetTickCount
VirtualAlloc

comdlg32

GetFileTitleA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHGetDesktopFolder
SHGetDiskFreeSpaceA

comctl32

ImageList_Draw

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a25e681ec6caff3fbac7e214b77a6e42

Headers

File Characteristics

Imports

msvcrt

shlwapi

advapi32

oleaut32

version

ole32

user32

gdi32

kernel32

comdlg32

shell32

comctl32

Sections

CODE Size: 30KB - Virtual size: 30KB

.edata Size: 197KB - Virtual size: 197KB

BSS Size: 1KB - Virtual size: 1KB

DATA Size: 1KB - Virtual size: 1KB

CODE
Size: 30KB - Virtual size: 30KB

.edata
Size: 197KB - Virtual size: 197KB

BSS
Size: 1KB - Virtual size: 1KB

DATA
Size: 1KB - Virtual size: 1KB