a3eb6d262c67cacebb3ff5af33b8ddab_JaffaCakes118

General

Target

a3eb6d262c67cacebb3ff5af33b8ddab_JaffaCakes118
Size

76KB
MD5

a3eb6d262c67cacebb3ff5af33b8ddab
SHA1

003345e3e4a4872b8a1a600c385ded84ba0b4ef7
SHA256

04756fe89bf809fbf6c509022f00c0516652a39b750104ec02370ef8924c1b5d
SHA512

7726af256bf37fd0e08834b5c4e96afa5f4c90170081c6384e0087d4d0aa79cbc329c6881af98b7aadff1a8c8e7457d9d02909d5bb328a72fe22b6655235daaf
SSDEEP

1536:DeOlYE4uvD4wcJqdp08Nav341rAkGIPiKlGdSMin7idHn5SjcJ:qOlYE4uvDCJAp03FdI6yQSMyudHns6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3eb6d262c67cacebb3ff5af33b8ddab_JaffaCakes118

Files

a3eb6d262c67cacebb3ff5af33b8ddab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41755b97eb0a5c67da54d1393920f5cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
ShellExecuteA
SHGetMalloc
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA
RegEnumValueA
RegQueryValueExA
RegCreateKeyExA

kernel32

HeapFree
InterlockedExchange
ReleaseSemaphore
GetLongPathNameW
LCMapStringW
GetProcessHeap
WaitForSingleObject
GetVersionExA
TermsrvAppInstallMode
SetInformationJobObject
GetModuleHandleA
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsW
GetProcAddress
CreateProcessW
GetTempPathA
ActivateActCtx
GetCurrentProcess
GetCurrentDirectoryW
GetFileSize
FreeLibrary
CreateProcessA
WriteFile
SetFilePointer
CreateFileA
SetLastError
ReadFile
GetStartupInfoA
ExitProcess
GetThreadLocale
LoadLibraryA
HeapAlloc
CreateDirectoryA
GetUserDefaultUILanguage
GetLogicalDriveStringsA
CloseHandle
HeapReAlloc
GetStringTypeA
CreateFileW
MapViewOfFile
GlobalMemoryStatusEx
GetStringTypeW
CreateFileMappingA
LocalLock
LCMapStringA
LocalFree
GetTempPathW
Sleep
GetTempFileNameW
GetModuleFileNameW
GetCommandLineA

ole32

CoQueryClientBlanket
OleBuildVersion
CreateDataAdviseHolder
CoLockObjectExternal

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41755b97eb0a5c67da54d1393920f5cc

Headers

File Characteristics

Imports

shell32

advapi32

kernel32

ole32

version

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 29KB

.rsrc Size: 2KB - Virtual size: 1KB

.rdata Size: 60KB - Virtual size: 95KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 29KB

.rsrc
Size: 2KB - Virtual size: 1KB

.rdata
Size: 60KB - Virtual size: 95KB