94ea80d5062fcdc909a79278ac621c20_JaffaCakes118

General

Target

94ea80d5062fcdc909a79278ac621c20_JaffaCakes118
Size

160KB
MD5

94ea80d5062fcdc909a79278ac621c20
SHA1

53c525327d881c207a8f1e0a04352322e3f3172a
SHA256

3414a53b87d4d27c8c400b26737b9ad40313765feddd8e0cf3464b77585624e5
SHA512

a15125f22840ebe1aa20832db97ebfbec32dfbb462a89488ad5805575735025015fb3af5e309aa0eca79785cb8c8fce72b8bd56e7a9ed47c91e3eeb7492a5617
SSDEEP

3072:XZof/wh/aG0cV/2EfaSV6UjZkbPhcslzQKzH7lre:mf/wh/ayVBJVGF5QKv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94ea80d5062fcdc909a79278ac621c20_JaffaCakes118

Files

94ea80d5062fcdc909a79278ac621c20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3299a1ea868ec5595eedd2fc62592d1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
UrlCombineW
UrlGetPartW
UrlCanonicalizeW
UrlApplySchemeW
PathAppendW

wtsapi32

WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW
WTSRegisterSessionNotification

msimg32

TransparentBlt

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

HeapAlloc
GetLocaleInfoA
GetACP
IsDebuggerPresent
HeapFree
QueryPerformanceCounter
lstrlenW
CreateFileW
RaiseException
LocalAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
CloseHandle
CreateProcessA
GetTickCount
LoadLibraryExW
InterlockedExchange
lstrlenA
HeapSize
GetSystemTime
LoadLibraryW
EnumResourceTypesW
MultiByteToWideChar
SystemTimeToFileTime
GetEnvironmentVariableA
UnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleA
ResetWriteWatch
Sleep
HeapReAlloc
GetCurrentProcessId
HeapFree
GetThreadLocale
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
GetStartupInfoA
WriteFile
HeapDestroy
GetProcessHeap
InterlockedCompareExchange
GetStdHandle
lstrcpynW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3299a1ea868ec5595eedd2fc62592d1e

Headers

File Characteristics

Imports

shlwapi

wtsapi32

msimg32

oleacc

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 2KB - Virtual size: 409KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 2KB - Virtual size: 409KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 512B - Virtual size: 4KB