772b63d58af342c453f4d0e62fafd2a0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

772b63d58af342c453f4d0e62fafd2a0_JaffaCakes118
Size

53KB
MD5

772b63d58af342c453f4d0e62fafd2a0
SHA1

13fa34eafe40d332d53913d0fd71c06c96bf536a
SHA256

34592dcab6bf0574f1d6d60667aaa129e38212b53613057a6d7e7e2d3cc9d06e
SHA512

b91997f10fd5232756a9ec53ea39b2e0d40a928cfb48dbcd5b8c4513ef97594bb48bf174f3cd7090b8af9a74d82a2faeb3b6f3c246ab0a39afcbb7978ee4f2bc
SSDEEP

768:+t/hzj78Joli2PTutOo8p06e43c5TOBgMRi9WBgXvtyjHU4ctz5R6zDe:kBTutZMHe4H2MRNg1yjZm5REe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
772b63d58af342c453f4d0e62fafd2a0_JaffaCakes118

Files

772b63d58af342c453f4d0e62fafd2a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f1e8eda5c702f43bb579566476e547b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsNetworkPathA
PathIsRelativeW
StrCmpLogicalW

user32

SetFocus
GetWindowDC
GetWindowInfo
IsRectEmpty

oleaut32

VariantClear
VariantCopyInd
SysStringLen
SysAllocStringLen

kernel32

GetFullPathNameW
CreateMutexW
GetCurrentThreadId
FormatMessageW
GetTimeFormatW
lstrlenW
SetCurrentDirectoryW
FindClose
CloseHandle
GetDateFormatW
IsValidLocale
GetStartupInfoA
lstrcmpiW
GetVolumeInformationW
ReadFile
GetTempPathW
InterlockedExchange
HeapAlloc
GetCommandLineW
MultiByteToWideChar
SuspendThread
GetModuleHandleA
WideCharToMultiByte
GetCurrentThreadId
GetTickCount
HeapFree
InterlockedIncrement
GetExitCodeProcess
SetCommConfig
GetPrivateProfileStringW
GetVersionExA
GetFileAttributesW
FreeLibrary
GetModuleFileNameW
InterlockedDecrement
lstrcmpW
GetPrivateProfileSectionW
GetPrivateProfileIntW
CreateJobObjectA
CreateDirectoryW
QueryDosDeviceW
LocalAlloc
OpenEventW
ReleaseMutex
SetUnhandledExceptionFilter
GetSystemDirectoryW
GlobalFree
CreateProcessW
UnhandledExceptionFilter
LocalFree
LocalReAlloc
TerminateProcess
LoadLibraryW
SetLastError
RaiseException
GetCurrentProcessId
FindFirstFileW
FindNextFileW
LoadLibraryA
GetDiskFreeSpaceExW
lstrlenA
DeleteFileW
GlobalAlloc
CreateFileW
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcess
GetDriveTypeW
Sleep
GetProcAddress
DeviceIoControl
GetCurrentDirectoryW
WriteFile
GetWindowsDirectoryW
GetLogicalDriveStringsW
ExpandEnvironmentStringsW
VirtualQuery
SetFilePointer
WaitForSingleObject
CopyFileW
GetSystemTimeAsFileTime

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

PropertySheetA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nqevyd
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 78KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1e8eda5c702f43bb579566476e547b5

Headers

File Characteristics

Imports

shlwapi

user32

oleaut32

kernel32

shell32

comctl32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 9KB

.nqevyd Size: 3KB - Virtual size: 3KB

.edata Size: 78KB - Virtual size: 91KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 9KB

.nqevyd
Size: 3KB - Virtual size: 3KB

.edata
Size: 78KB - Virtual size: 91KB