a8f3450ec39604735402a6ba449ee9f8_JaffaCakes118

General

Target

a8f3450ec39604735402a6ba449ee9f8_JaffaCakes118
Size

169KB
MD5

a8f3450ec39604735402a6ba449ee9f8
SHA1

7392eceb9d9a766e6e9d4040c83a5c5d03800c82
SHA256

ca77559dc097720a381a1a3cff007fab544be30c3b81933187a21904f339709c
SHA512

e4be8486b4089a60ace5161f8723a6ae1d01b834de8cd29745f7f2ad8a92d47e626d1293905a69ef995091b002b077262e2ed83f24e68f13e787f3665511d5ff
SSDEEP

3072:AessWMeheNizx+ZADVwFeZtQUK2oTxQmwWxi0ERTFfhg9eOttM9AEsjG4in66p:AjWYGFeERNFwWaZFfCoO3M7sAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8f3450ec39604735402a6ba449ee9f8_JaffaCakes118

Files

a8f3450ec39604735402a6ba449ee9f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e469aef368a8363c71b093d2daa7cc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoRegisterClassObject
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoRevokeClassObject
StringFromCLSID

shlwapi

PathCombineW
PathFileExistsW

kernel32

lstrcpyA
GetACP
lstrlenW
GetTickCount
GlobalAlloc
GlobalFree
GetProcessId
lstrcpyA
GetCPInfo
InitializeCriticalSection
lstrcpyW
OutputDebugStringW
FindClose
EnumResourceNamesW
lstrcmpiW
WideCharToMultiByte
FreeEnvironmentStringsW
GetLastError
LockResource
MultiByteToWideChar
CreateFileMappingW
GetModuleHandleW

user32

wsprintfW
SendMessageA
GetDC
DispatchMessageW
SetTimer
KillTimer
CharUpperW
PostThreadMessageW
TranslateMessage
GetMessageW
CharNextW
UnregisterClassA

advapi32

RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e469aef368a8363c71b093d2daa7cc1

Headers

File Characteristics

Imports

ole32

shlwapi

kernel32

user32

advapi32

oleacc

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 62KB - Virtual size: 61KB

.isete Size: 1024B - Virtual size: 248KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 62KB - Virtual size: 61KB

.isete
Size: 1024B - Virtual size: 248KB