78e0d699ea972fe1c280a0885f8cd1e5_JaffaCakes118

General

Target

78e0d699ea972fe1c280a0885f8cd1e5_JaffaCakes118
Size

800KB
MD5

78e0d699ea972fe1c280a0885f8cd1e5
SHA1

5748ad04b824ca3a74e758c4ca019f7f6f5ef984
SHA256

5b933a6f6615d5c486c53b1ce63146c8b695435d544cd8baf743967fd895f256
SHA512

95164a4ce959e70fe648967937e2657e62f104c7deb73f19ba997f8b0a531912940276fa5cfe07e48f22db8e9a44148d6e55593ff70ed4a4e8f5d9aec6fca76c
SSDEEP

6144:pZRv2imJKapPcwpx3FGlfa7AZ7BYSzRqZCWWyVqoAYgD1sVfbwahFD3yu28f:D6KapPnpxohasZN58CW3qo+D4bR3y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78e0d699ea972fe1c280a0885f8cd1e5_JaffaCakes118

Files

78e0d699ea972fe1c280a0885f8cd1e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

113f9149ea906606b2b3924c0dc57b6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
lstrcpyA
GetProcAddress
LoadLibraryA
RemoveDirectoryA
SetCurrentDirectoryA
EnumResourceNamesA
CreateDirectoryA
lstrcpynA
GetUserDefaultLangID
LockResource
LoadResource
SizeofResource
FindResourceA
LoadLibraryExA
SetFileAttributesA
lstrcmpiA
lstrcmpA
SetLastError
GetLastError
CreateEventA
SetEvent
GetStartupInfoA
ExitProcess
GetCommandLineA
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
LocalFree
GetVersionExA
WaitForMultipleObjects
GetSystemDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
GetDriveTypeA
lstrcatA
CreateFileA
lstrlenW
WriteFile
CloseHandle
DeleteFileA
GetModuleHandleA
lstrlenA

user32

GetWindowLongA
CharNextA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
SetWindowLongA
CreateWindowExA
UnregisterClassA
GetClassNameA
SendMessageA
EnumWindows
LoadStringA
MessageBoxA
wsprintfA
DefWindowProcA
RegisterClassExA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

ole32

CLSIDFromString
CoInitialize
CoUninitialize
CLSIDFromProgID
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

113f9149ea906606b2b3924c0dc57b6a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB