8a9a490c430476544ccbf92473af8d09_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a9a490c430476544ccbf92473af8d09_JaffaCakes118
Size

293KB
MD5

8a9a490c430476544ccbf92473af8d09
SHA1

4925ad0c351b8b230ffedf5c276dafd821087e27
SHA256

77f66e490682f221f54454ec6fa58b5a5683dd65e377f932d0ab6b29e2e215f7
SHA512

c7687aa21306b10ad6cca41af2fc62a82048cdc4229d0ca8a82fb60a7d60a2f51c0ba332ace3cfbff7a259c1bd80c6eb8b41ba0417520a611967414ed870f863
SSDEEP

6144:dgOtMB7FAFJh6ydWE5Z9wGajkc9YwFE+MXZBB8alTRTLsz:d9q7FAsyD5MGa7FtMJBBj3Xsz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a9a490c430476544ccbf92473af8d09_JaffaCakes118

Files

8a9a490c430476544ccbf92473af8d09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e488279a200b306827e03f34b24dc2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA

advapi32

RegOpenKeyExA

shell32

SHGetDataFromIDListA
DoEnvironmentSubstW
ExtractIconEx
Shell_NotifyIconW
SHGetSpecialFolderPathA
ExtractIconW
SHGetPathFromIDListW
ExtractIconExW
SHBrowseForFolderA
SHGetPathFromIDListA
SHAddToRecentDocs
SHBrowseForFolder
ShellExecuteA
SHGetDiskFreeSpaceExW
DoEnvironmentSubstA
SHGetDesktopFolder
SHGetFileInfoW
ExtractAssociatedIconW
SHFileOperationW
DragQueryFile
SHAppBarMessage
SHFreeNameMappings
SHGetFolderPathW
SHPathPrepareForWriteW
DragQueryFileAorW
SHGetSpecialFolderPathW
SHPathPrepareForWriteA
ShellAboutA
DragQueryPoint
SHCreateProcessAsUserW
ExtractAssociatedIconA
SHGetIconOverlayIndexA
ShellAboutW
SHEmptyRecycleBinW
SHGetSpecialFolderLocation
ShellExecuteExW
ExtractAssociatedIconExA
Shell_NotifyIcon
WOWShellExecute
SHGetInstanceExplorer
ShellExecuteEx
SHGetDataFromIDListW
SHLoadNonloadedIconOverlayIdentifiers
FindExecutableA
CheckEscapesW
SHCreateDirectoryExW
ExtractIconExA
SHBindToParent
SHEmptyRecycleBinA
DragAcceptFiles
CommandLineToArgvW
SHGetIconOverlayIndexW
SHGetDiskFreeSpaceA
SHGetFileInfo
ExtractIconA
SHFormatDrive

shlwapi

StrChrIA
StrChrW
StrCmpNW
StrRStrIA
StrStrIA
StrRChrIW
StrChrIW
StrChrA
StrCmpNIW
StrRChrIA
StrCmpNA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textx1
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textx2
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e488279a200b306827e03f34b24dc2a

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

Sections

.text Size: 2KB - Virtual size: 2KB

.textx1 Size: 276KB - Virtual size: 276KB

.data Size: 2KB - Virtual size: 2KB

.textx2 Size: 512B - Virtual size: 400B

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 512B - Virtual size: 452B

.text
Size: 2KB - Virtual size: 2KB

.textx1
Size: 276KB - Virtual size: 276KB

.data
Size: 2KB - Virtual size: 2KB

.textx2
Size: 512B - Virtual size: 400B

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 452B