8be5805f72836d36ca7ede28d13f01fc_JaffaCakes118

General

Target

8be5805f72836d36ca7ede28d13f01fc_JaffaCakes118
Size

158KB
MD5

8be5805f72836d36ca7ede28d13f01fc
SHA1

814d9e6c9c92317e03ec14069aceef4897d0f5ff
SHA256

ee68c077afc6cc0efff1ce86b19de24cb696fdb7c67798f272ab6ad56defa933
SHA512

712df4abc03c3c0a277f4521e2d7b47e0687eab7a0c8f0f9e5a8d8ea4e4b8f7e8e00acbf5e53872fae7c282a4d74bb5bce165c9d7f000f496db04f027314302e
SSDEEP

3072:kfSurH7XO9bgou74ymGxf/EyZhWaPlzL+2/+V7PKMSg0:UjOde8bGx/bWWlzL+2+7PH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8be5805f72836d36ca7ede28d13f01fc_JaffaCakes118

Files

8be5805f72836d36ca7ede28d13f01fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5669cd24b601f17d4d1438dbd3d10ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetFileInfoA
SHFileOperationA

user32

GetActiveWindow
LoadCursorA
LoadIconA
FrameRect
GetWindow
GetSysColorBrush
FillRect
GetMenu
FindWindowA

ole32

CoGetContextToken
StgCreateDocfileOnILockBytes
CoRevokeClassObject
GetHGlobalFromStream
OleRun
OleRegGetUserType
CoRegisterClassObject
CLSIDFromString

kernel32

VirtualAlloc
ExitProcess
GetTempPathA
GetCurrentProcess
DeleteCriticalSection
CompareStringA
GetFileSize
LoadLibraryA
FreeResource
WriteFile
WideCharToMultiByte
MoveFileA
LocalFree
GetModuleFileNameA
GetDiskFreeSpaceA
VirtualFree
GetCommandLineW
EnumCalendarInfoA
GetDateFormatA
MulDiv
GlobalAddAtomA
lstrcatA
GetEnvironmentStrings

Exports

Exports

_2fU0uxrAjJt0xE@4
e_Rvjhm@4
jyyeIhZz9n

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5669cd24b601f17d4d1438dbd3d10ac

Headers

File Characteristics

Imports

shell32

user32

ole32

kernel32

Exports

Exports

Sections

CODE Size: 32KB - Virtual size: 32KB

.rdata Size: 11KB - Virtual size: 122KB

.data Size: 102KB - Virtual size: 101KB

.idata Size: 1KB - Virtual size: 1KB

.tdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

CODE
Size: 32KB - Virtual size: 32KB

.rdata
Size: 11KB - Virtual size: 122KB

.data
Size: 102KB - Virtual size: 101KB

.idata
Size: 1KB - Virtual size: 1KB

.tdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB