876fdea0e08e19666fc31f58574afca1_JaffaCakes118

General

Target

876fdea0e08e19666fc31f58574afca1_JaffaCakes118
Size

3.7MB
MD5

876fdea0e08e19666fc31f58574afca1
SHA1

b6977b37e8c0065c718bd8e713ffdc1a02bc27f4
SHA256

274b3689f23c1c5ca1f5655eb4c1c3a297e391bb0632d1a1b56c5c71105f946e
SHA512

45d0f5bfe69cbbbc061f40d088a0d2ef7eb55135e6e2efa3111e260dce66322dd916f066297069cbf9fadffcd2f3a9da144e5db2cbdf26c5f7c542ff546a1e1e
SSDEEP

98304:B2o4yIOTYI8LmpNEHoYUK3W4nDNayxawtRJFbc:ZQOR86p+2wxnpayowtRXbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
876fdea0e08e19666fc31f58574afca1_JaffaCakes118

Files

876fdea0e08e19666fc31f58574afca1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAAsyncGetProtoByNumber
shutdown
WSAHtons
WSAEnumProtocolsW

shell32

DragQueryPoint
SHChangeNotify

ole32

CoSwitchCallContext
CoGetTreatAsClass

kernel32

GetTickCount
EnumDateFormatsW
SetConsoleOutputCP
lstrcmpA
OpenFile
ReleaseSemaphore
EnumTimeFormatsW
ExpandEnvironmentStringsW
CreatePipe
GetUserDefaultLangID
ExitProcess
TryEnterCriticalSection
GetTempFileNameA
LoadLibraryExW
OutputDebugStringA
GetCPInfo
IsBadReadPtr
GetSystemDefaultLangID
PeekConsoleInputW
VirtualAllocEx
AllocConsole

user32

ChildWindowFromPointEx
TabbedTextOutA
CreateCursor
MsgWaitForMultipleObjectsEx
wsprintfW
VkKeyScanW
GetPropA

version

VerFindFileA

oleaut32

LoadTypeLibEx
VariantChangeType
SysAllocStringLen
SafeArrayCreate
SetErrorInfo
LoadTypeLi

msvcrt

_ismbcspace
_eof
_ismbcdigit
_putws
bsearch
_cwait
fwprintf
_isctype
strtok
rename
_stricoll
fgetc
_wcsupr
getenv
_close
tolower
_wtoi
strspn
wcsftime
_chdrive
_mbsupr
_beginthreadex
_wgetenv

Sections

.text
Size: 2KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

Imports

ws2_32

shell32

ole32

kernel32

user32

version

oleaut32

msvcrt

Sections

.text Size: 2KB - Virtual size: 221KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 221KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB