aab27fe48f72f60b112cdbe9aa79cefe_JaffaCakes118

General

Target

aab27fe48f72f60b112cdbe9aa79cefe_JaffaCakes118
Size

286KB
MD5

aab27fe48f72f60b112cdbe9aa79cefe
SHA1

911e2b178cef112b859267a817eef7c0d64f4cef
SHA256

d4f427ed0b57375bbc1f81fd960fd5702061cd3cc3513041e4abb19d33431257
SHA512

d964c40d50aeabc37b7094b49b35c0b5ccb0f89efd83e30e7d79b0ac1e28241e8e1ca64aa18bbb6d1ed38205042dc59f98523f708023e9e02afa096ed7f133ef
SSDEEP

6144:PqoxvnCwTB3dg9UE1xNERpTOvrxhVzv1raDfpstp:Pqqpk9UQxNCTOvrxhVzv1yBsn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aab27fe48f72f60b112cdbe9aa79cefe_JaffaCakes118

Files

aab27fe48f72f60b112cdbe9aa79cefe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c72f13d54b2787b80d401cbf17506c7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

StrRetToStrA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
PathCreateFromUrlW

kernel32

FindAtomA
GlobalUnlock
GetLocaleInfoW
InterlockedExchange
OpenProcess
lstrlenA
CreateFileW
DeleteCriticalSection
HeapSetInformation
GetProcessId
EnterCriticalSection
GlobalFree
GetTickCount
lstrcmpW
FormatMessageW
InterlockedIncrement
SetLastError
CreateThread
InitializeCriticalSection
LeaveCriticalSection
ProcessIdToSessionId
GlobalAlloc
lstrlenW
EnumResourceLanguagesW
WaitForMultipleObjects
GetComputerNameW
Sleep
InterlockedDecrement
GlobalHandle
CloseHandle
MulDiv
MultiByteToWideChar
GetStringTypeA
GetModuleFileNameW
WaitForSingleObject
GetCurrentProcess
GlobalLock
RaiseException
LocalAlloc
FlushInstructionCache
GetSystemDirectoryW
WideCharToMultiByte

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 141KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c72f13d54b2787b80d401cbf17506c7f

Headers

File Characteristics

Imports

shell32

shlwapi

kernel32

oleacc

Sections

.text Size: 141KB - Virtual size: 273KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 141KB - Virtual size: 140KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 141KB - Virtual size: 273KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 141KB - Virtual size: 140KB

.rsrc
Size: 512B - Virtual size: 4KB