adb1e1c99ef48b9e150f960566b31844_JaffaCakes118

General

Target

adb1e1c99ef48b9e150f960566b31844_JaffaCakes118
Size

229KB
MD5

adb1e1c99ef48b9e150f960566b31844
SHA1

db02b06869a9fa62ea2bb73234072454faf6c504
SHA256

edc9ecd0a1e30d94cf95467089cee1aac4fc25adfdd1cb33be64dcaeac7ae568
SHA512

261eba445b7b006e1b348ddbbab09870435108c8ae521ea16bdeae983a938e8dde86093b8301169d3588bbb87befb579ec8816eff4ef931fb9792e203ac4519f
SSDEEP

6144:vg/e1ExteM9AqseUUke8Bw4OT5TeRklefLIAjIuQAb:4/e1qtzuCtkKlTwulGk91u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adb1e1c99ef48b9e150f960566b31844_JaffaCakes118

Files

adb1e1c99ef48b9e150f960566b31844_JaffaCakes118
.exe windows:4 windows x86 arch:x86

412b41f0372a0c783c06a9ee2e30f9de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegEnumKeyA
RegOpenKeyExA

shell32

SHGetFolderPathA
Shell_NotifyIconA
SHGetFileInfoA
SHGetSpecialFolderLocation

kernel32

HeapFree
LoadLibraryA
GetOEMCP
InitializeCriticalSection
LoadResource
VirtualAlloc
ExitProcess

version

VerFindFileA
GetFileVersionInfoA

gdi32

CreateBrushIndirect
CreatePenIndirect
CreateCompatibleDC
SaveDC
GetObjectA
SetPixel

user32

IsZoomed
wsprintfA
LoadCursorA
GetFocus
CharUpperA
KillTimer

ole32

StgOpenStorage
StringFromIID
CoRegisterClassObject
CreateOleAdviseHolder
CoGetMalloc

Exports

Exports

bx3@12
_Q52
2t
V@24
h
_3V@24
_cC@8

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 163KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 783B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

412b41f0372a0c783c06a9ee2e30f9de

Headers

File Characteristics

Imports

advapi32

shell32

kernel32

version

gdi32

user32

ole32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.data Size: 163KB - Virtual size: 218KB

.tls Size: 1024B - Virtual size: 783B

.rdata Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 45KB - Virtual size: 45KB

.data
Size: 163KB - Virtual size: 218KB

.tls
Size: 1024B - Virtual size: 783B

.rdata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB