7592c01fe5b91819cede26d11020d546_JaffaCakes118

General

Target

7592c01fe5b91819cede26d11020d546_JaffaCakes118
Size

356KB
MD5

7592c01fe5b91819cede26d11020d546
SHA1

612b29a1b1c1db9c6d5469c3fd5209ef093ea569
SHA256

fa0bc3b6595f4dd57380d4791ecbc72c101423caec1bf1a70b12eec1d71753fe
SHA512

7c97556af024e27c34bcd30db8df61d15af1338919533374d5aca961d8ab0f261c7b33f05af121507d7c9e8f5e6905d63d71d2274d032829eed63a8f8095e0ce
SSDEEP

3072:ZdxvN5e6eq/j/mbKzoUGBXKIhU1C90bmYzOZVPh5i1UKXYEVKprRNJmmyTQ:XxvaU8GoUGBTyU9PYz+52tXlMpr8pT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7592c01fe5b91819cede26d11020d546_JaffaCakes118

Files

7592c01fe5b91819cede26d11020d546_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc70bda357c7e5c5cd72e9db6a404870

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW

shell32

ExtractIconW
SHFreeNameMappings
SHGetIconOverlayIndexW
SHCreateDirectoryExW
ExtractAssociatedIconExW
ord689

gdi32

FlattenPath
DeleteEnhMetaFile
ExcludeClipRect
SetDeviceGammaRamp

comctl32

ord5
ord13

kernel32

SetEndOfFile
ReadFileEx
GetBinaryTypeA
GetProcAddress
Sleep
GetModuleHandleA
LoadLibraryA
GetDateFormatW
SetConsoleTextAttribute
ReleaseSemaphore
SetHandleCount
SetFileTime
CreateSemaphoreW
lstrcmpiW
GetPrivateProfileSectionA
SetFilePointer
CreateConsoleScreenBuffer
MultiByteToWideChar
WideCharToMultiByte
GetQueuedCompletionStatus
WaitNamedPipeW
SetEnvironmentVariableA
FindFirstVolumeW
GetStartupInfoA

user32

EnumChildWindows
HiliteMenuItem
SetMessageQueue
UnhookWinEvent
IsWindowUnicode
GetMenuItemRect
AllowSetForegroundWindow
CharNextW
SetWindowLongW
GetDCEx
GetScrollInfo
LoadMenuIndirectW

msvcrt

vsprintf
fread
perror
fputs
localtime
isprint
strrchr
difftime
toupper
vwprintf
fgetwc
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
getchar
malloc
memmove
memcpy
memset
_c_exit

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 167KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc70bda357c7e5c5cd72e9db6a404870

Headers

File Characteristics

Imports

shlwapi

shell32

gdi32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 167KB - Virtual size: 312KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 167KB - Virtual size: 312KB