8298e09475b456646915dcae12a93e75_JaffaCakes118

General

Target

8298e09475b456646915dcae12a93e75_JaffaCakes118
Size

180KB
MD5

8298e09475b456646915dcae12a93e75
SHA1

28a357eabf2bb21b06dca01e227305ce6ed7f42a
SHA256

a0dcd89634174a2ad0337cfdaa2ca0fefa93cd8df920cfb0560831ae57e86226
SHA512

1b3daa4f22f410882769c29b52c990c8fe46cd86f58cade12dd4fc7308fbc8ff75a4aeb6d74f401580bf20c9d0ae3c368342bdce3bbca83ea2e1db93f62390bd
SSDEEP

3072:bvS+ePucfdUUqINo40m8msUdgdQzxz/FKuMlEtoMNmp0hDywYxokUNYT6Pr:DSFWUFNopKzCdQzxDFKj6oIZDywY6kij

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8298e09475b456646915dcae12a93e75_JaffaCakes118

Files

8298e09475b456646915dcae12a93e75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b2ef6da28ca83f3c845375f8034005d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
LockResource
GetModuleFileNameW
GetVersionExW
InitializeCriticalSection
GlobalAlloc
FreeLibrary
GetVersionExA
GetProcAddress
FindClose
WritePrivateProfileStringW
LoadLibraryA
GetModuleHandleW
FindCloseChangeNotification
CloseHandle
GetTickCount
GlobalUnlock
GetPrivateProfileStringW
FindFirstChangeNotificationW
MultiByteToWideChar
EnumResourceTypesW
lstrlenW
LoadResource
GetCurrentDirectoryW
IsBadCodePtr
FindResourceW
MulDiv
LoadLibraryW
GetPrivateProfileIntW
GlobalLock
WaitForSingleObject
FindFirstFileW
FindNextChangeNotification
Sleep
GlobalSize
DeleteCriticalSection
GetLocaleInfoW

wininet

HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetReadFile
HttpSendRequestA
HttpQueryInfoA
InternetTimeToSystemTime
InternetCrackUrlA
InternetErrorDlg
InternetTimeFromSystemTime

shell32

SHGetImageList
CommandLineToArgvW
ShellExecuteExA
SHGetFolderPathW
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExW
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b2ef6da28ca83f3c845375f8034005d

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 94KB - Virtual size: 93KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 94KB - Virtual size: 93KB

.rsrc
Size: 512B - Virtual size: 4KB