95ccd5b948bb28fd6ce5fb5cd1c73e58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95ccd5b948bb28fd6ce5fb5cd1c73e58_JaffaCakes118
Size

140KB
MD5

95ccd5b948bb28fd6ce5fb5cd1c73e58
SHA1

d0616ad19f547989da72f7eab53a304f305a81bb
SHA256

83129cfde6a28ec3ac85e9342d2151bd807edaf705be036ca91f652561757e22
SHA512

56cbbd8b3bb0eb6e5ab667a2c682b2cf6946469d08e7a05a14bc571f37ce73aa84b873d734d428c62bce5a73adbd59983b23570c262e86a6e0b666dbe1061cd2
SSDEEP

3072:jxG1j5w/7VNt/dLFqaO4qR69FY9BQaiOw8ULnjRbK:FGzw/7Vj/XNODR6mBQaiOwpjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95ccd5b948bb28fd6ce5fb5cd1c73e58_JaffaCakes118

Files

95ccd5b948bb28fd6ce5fb5cd1c73e58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d51e6e0783a311bd65ab31f397c1b3a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHQueryValueExA
SHStrDupA
SHEnumValueA
SHSetValueA
SHQueryInfoKeyA
SHDeleteValueA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
FindTextA

kernel32

GetProcessHeap
HeapAlloc
GlobalAddAtomA
GetSystemDefaultLangID
LockResource
GetModuleHandleA
GetStdHandle
GetOEMCP
LoadLibraryExA
LoadResource
GlobalAlloc
lstrlenW
GetThreadLocale
RaiseException
InitializeCriticalSection
VirtualAllocEx
GetStartupInfoA
GetLocalTime
GetACP
GetVersion
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetProcAddress
IsBadReadPtr
HeapFree
GlobalFindAtomA
ExitThread
lstrlenA
GetTickCount
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
GetUserDefaultLCID
GetLastError
GetModuleHandleW
ExitProcess
GetModuleFileNameA

shell32

SHFileOperationA

msvcrt

wcstol
strncmp
asin
wcschr
exp
pow
strlen
tolower

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 527B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d51e6e0783a311bd65ab31f397c1b3a7

Headers

File Characteristics

Imports

shlwapi

comdlg32

kernel32

shell32

msvcrt

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 527B

DATA Size: 4KB - Virtual size: 882B

.hdata Size: 12KB - Virtual size: 9KB

.adata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 527B

DATA
Size: 4KB - Virtual size: 882B

.hdata
Size: 12KB - Virtual size: 9KB

.adata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB