95cf9d937488f31e7286eef3b92b03f8_JaffaCakes118

General

Target

95cf9d937488f31e7286eef3b92b03f8_JaffaCakes118
Size

174KB
MD5

95cf9d937488f31e7286eef3b92b03f8
SHA1

7b219786d9f9ad17c330e457331439253fcc824b
SHA256

9481a97db1353f799c8f1428fb3cf88bf95734e39d6094f5affb130b7411e32f
SHA512

15abb51ed61c7b42b6047b878eadf639612bf3bf38f74ff6af224671f7c136b31b54a7b34f4f1ce6bb60a4262f45bb66156c590710063fad9990b2d62fd4b48a
SSDEEP

3072:oNZf7v9JgJxZ8mc7g5Q2zltDSLHdXWSxR8Y17Kguvv48E20GVGuB/LFwmHt4:oNZ5JgJIjg5QA8dhO27Kgu33Ejm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95cf9d937488f31e7286eef3b92b03f8_JaffaCakes118

Files

95cf9d937488f31e7286eef3b92b03f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e9b1bf9366186c3e643f4cd5a43c0da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlApplySchemeW
UrlGetPartW
UrlCanonicalizeW
UrlCombineW
PathCombineW
PathAppendW

oleacc

LresultFromObject
AccessibleObjectFromEvent

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

HeapDestroy
HeapAlloc
HeapFree
GetCurrentProcessId
GetSystemTime
GetStdHandle
GetCurrentThreadId
LoadLibraryW
CloseHandle
GetModuleHandleA
HeapSize
Sleep
IsDebuggerPresent
HeapFree
GetCurrentProcess
GetTickCount
GetProcessHeap
UnhandledExceptionFilter
lstrlenA
WideCharToMultiByte
GetEnvironmentVariableA
MultiByteToWideChar
InterlockedExchange
WriteFile
SetUnhandledExceptionFilter
EnumResourceTypesW
ResetWriteWatch
SystemTimeToFileTime
InterlockedCompareExchange
GetThreadLocale
GetACP
HeapReAlloc
GetStartupInfoA
GetSystemTimeAsFileTime
CreateFileW
lstrlenW
CreateProcessA
TerminateProcess
LocalAlloc
GetLocaleInfoA
QueryPerformanceCounter
LoadLibraryExW
RaiseException
lstrcpynW

msimg32

TransparentBlt

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e9b1bf9366186c3e643f4cd5a43c0da

Headers

File Characteristics

Imports

shlwapi

oleacc

wtsapi32

kernel32

msimg32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 2KB - Virtual size: 153KB

.data Size: 128KB - Virtual size: 128KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 2KB - Virtual size: 153KB

.data
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 512B - Virtual size: 4KB