7841a99b47d35a121afa5f6065a73c23_JaffaCakes118

General

Target

7841a99b47d35a121afa5f6065a73c23_JaffaCakes118
Size

206KB
MD5

7841a99b47d35a121afa5f6065a73c23
SHA1

4e99899fb4c76f94d9948fe2c5074a0508524afb
SHA256

b3fded9fc0dc26ed46c5977b9e72e58e91c3e49a99d17a912dae53beb7cabd12
SHA512

7cc3c3ca8a26ef44a87d8a703b5cc3ade79a7f7374ffab11e1e0c04b6f0bd218a46091ed3ceacda6b258e3472a87c87e618307f53c74f21ff638593a9333bf92
SSDEEP

6144:fOdPMlDovWyRsIkQ2MqPGlMy4kuG7b+Z/PZbq:fOKlDSWieRLhMCZ/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7841a99b47d35a121afa5f6065a73c23_JaffaCakes118

Files

7841a99b47d35a121afa5f6065a73c23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc80efea00f17d9fbad55e8383f35ce1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetModuleFileNameA
GetTempPathW
GetTempPathA
DisableThreadLibraryCalls
SetPriorityClass
LocalAlloc
lstrlenA
GetFileAttributesA
InterlockedIncrement
GetVersionExA
lstrcmpA
DeleteFileA
FindNextFileW
FreeLibrary
SetErrorMode
ReadFile
WaitForSingleObject
LocalFree
CloseHandle
GetFileAttributesW
EnumResourceTypesW
CopyFileA
GetModuleFileNameW
SetCurrentDirectoryW
FindNextFileA
WideCharToMultiByte
CreateDirectoryA
SetFileAttributesA
GetTempFileNameW
GetPrivateProfileStringW
GetCurrentDirectoryW
GetFileSize
InterlockedDecrement
FindFirstFileW
FindClose
MultiByteToWideChar
SetFileAttributesW
GetLastError
GetExitCodeThread
DeleteFileW
GetTempFileNameA

ole32

CoMarshalHresult
CoInitialize
StringFromCLSID
CoUninitialize
CreateItemMoniker
CoRegisterClassObject
GetRunningObjectTable
CoRevokeClassObject
CoCreateInstance
CoTaskMemFree
CLSIDFromString
StringFromGUID2
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoInitializeEx
CoTaskMemAlloc

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc80efea00f17d9fbad55e8383f35ce1

Headers

File Characteristics

Imports

kernel32

ole32

gdiplus

Sections

.text Size: 128KB - Virtual size: 127KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 74KB - Virtual size: 74KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 128KB - Virtual size: 127KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 74KB - Virtual size: 74KB

.reloc
Size: 1024B - Virtual size: 124KB