a4f261ef23d48f4e344fc218510d2268_JaffaCakes118

General

Target

a4f261ef23d48f4e344fc218510d2268_JaffaCakes118
Size

179KB
MD5

a4f261ef23d48f4e344fc218510d2268
SHA1

38e8bd84924a84a8e4be46f118138c71d0705a57
SHA256

3b124a14b7a81f046d79d5c5209dd137d40a9839bc6a70a52adc413ef905056d
SHA512

9d14ec8c22e5ca0d4e314955d63732ae7e1a08bac1cdf5437b365c6bec4820d4fcda5e98d9b2be2c70e9e2e3ada17c7f388c0d95c5136b1142ddf8edf54c2f8e
SSDEEP

3072:m+B/xT+qrFcoeQ+YYw7C2A+BMrY/4brBPTIMVKfHyjKbQH+SvW+UzFLJt5hg5az8:9/xTYoeQ+YpQhrusrB7b8SjWpAWRtt54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4f261ef23d48f4e344fc218510d2268_JaffaCakes118

Files

a4f261ef23d48f4e344fc218510d2268_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f77016cebf9d5c2a8551c5f42a629345

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
FileTimeToLocalFileTime
InterlockedIncrement
LockResource
MultiByteToWideChar
LoadResource
FindCloseChangeNotification
GetPrivateProfileStringW
GlobalLock
lstrcmpW
GetVersionExW
CloseHandle
lstrcpynW
FindNextChangeNotification
lstrcpyW
FindFirstFileW
WaitForSingleObject
DeleteFileW
GlobalUnlock
GlobalFree
FindResourceW
DeleteCriticalSection
FindClose
ResumeThread
GlobalSize
GetTickCount
GetVersion
EnumResourceTypesA
LoadLibraryA
SetFileAttributesW
GetPrivateProfileIntW
WritePrivateProfileStringW
FindFirstChangeNotificationW
WideCharToMultiByte
GlobalAlloc
GetLocaleInfoW
MulDiv
LoadLibraryW
IsValidCodePage
lstrlenW
GetCurrentDirectoryW
GetVersionExA
LoadLibraryExW
GetProcAddress
FileTimeToSystemTime
GetModuleHandleW
GetModuleFileNameW
Sleep
GetLastError
InitializeCriticalSection
SetThreadPriority

shell32

SHIsFileAvailableOffline
SHGetFolderPathW
SHBrowseForFolderA
SHGetFileInfoA
CommandLineToArgvW
SHFileOperationW
SHGetPathFromIDListA
ShellExecuteW
ShellExecuteExA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f77016cebf9d5c2a8551c5f42a629345

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 96KB - Virtual size: 95KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 512B - Virtual size: 4KB