780c7a8aa00b54810734fd7d0cd679c4_JaffaCakes118

General

Target

780c7a8aa00b54810734fd7d0cd679c4_JaffaCakes118
Size

229KB
MD5

780c7a8aa00b54810734fd7d0cd679c4
SHA1

51d808b94be6a49d8f9fab88fedd01f59a765b4d
SHA256

7d675f74a64bc7a258721805c9d2ad9c4e8e0d1abb509a0d3dd9bd70f5434f94
SHA512

96790706eca98fe02cf2894e3e5fbbde341377f2bbea9bad5923945622100cc199f19cfbcf5ffce2dcfba3f27a46167308cf6162cddf7b444729249461cd84dc
SSDEEP

3072:qHZf/YqzBjJDzrNOVh4ZIPFl1Qlwa2j3KN0iDS8Zr:6/HrEVeIFl1QlSj6N0iDSWr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
780c7a8aa00b54810734fd7d0cd679c4_JaffaCakes118

Files

780c7a8aa00b54810734fd7d0cd679c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a5c50c190badab4ae0ad33b2a42781b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootW
StrCmpIW
PathBuildRootA
UrlApplySchemeA
ord7
StrStrA
ord156

shell32

ord51
ExtractIconExA
DragQueryFileW
ord193
SHIsFileAvailableOffline
SHOpenFolderAndSelectItems

gdi32

Polyline
CreateRoundRectRgn
StrokeAndFillPath
FillPath

comctl32

CreateToolbarEx

kernel32

GetConsoleMode
ReleaseSemaphore
EnterCriticalSection
GetTickCount
IsSystemResumeAutomatic
FindClose
ReadConsoleInputW
LocalSize
SetErrorMode
GetLargestConsoleWindowSize
GetProcAddress
GetModuleHandleA
LoadLibraryA
Process32FirstW
GetVersion
CreateFileMappingW
FreeEnvironmentStringsW
RtlCaptureContext
GetFileInformationByHandle
GetComputerNameW
Beep
SystemTimeToFileTime
GetStartupInfoA

user32

SetWindowLongW
TabbedTextOutW
SetMessageExtraInfo
GetShellWindow
SetMessageQueue
GetScrollPos
WaitMessage
CreatePopupMenu
TrackMouseEvent
EnableMenuItem
ReplyMessage
GetKeyNameTextW
AllowSetForegroundWindow
UpdateLayeredWindow
GetMonitorInfoW

msvcrt

getchar
swprintf
iswlower
wcsncat
fwprintf
ungetc
wcsspn
strpbrk
strxfrm
malloc
fputwc
iswdigit
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
clock
memmove
memcpy
memset
strlen

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3a5c50c190badab4ae0ad33b2a42781b

Headers

File Characteristics

Imports

shlwapi

shell32

gdi32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 184KB - Virtual size: 296KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 184KB - Virtual size: 296KB