afc400bb4f1f4664550bf15b8e11154b_JaffaCakes118

General

Target

afc400bb4f1f4664550bf15b8e11154b_JaffaCakes118
Size

184KB
MD5

afc400bb4f1f4664550bf15b8e11154b
SHA1

92b33da0b512498837176593aa7d118983d40a6f
SHA256

ee78745cb53e34376adfd8e3f34fe0e22663d9ec732ff398c7627cdb7c3cd546
SHA512

38f03a16bae1f082a7b44fca26a4cfe34296f1c202a7288a11af5dc8c763180c23fc8d98234dd5bb8ea24e68d1208f86531ec37e18dc2eaeab876fbd48ac1354
SSDEEP

3072:0FnZn3+1hb9x5Fngy6dHHxtw2f07AcGihHGOjkJuNW20O+m5Ewip7za0vggjV:eZONB1wHRS4UGILNW5O+m5TY7za0vgg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afc400bb4f1f4664550bf15b8e11154b_JaffaCakes118

Files

afc400bb4f1f4664550bf15b8e11154b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e34cbbdf73fca00cf0c6c1f3fdd823a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
FlushInstructionCache
WritePrivateProfileStringA
SetFilePointer
WriteFile
LoadLibraryExA
MultiByteToWideChar
MulDiv
GetProcAddress
FindNextFileA
EnumResourceNamesW
DeleteFileA
FreeLibrary
GetModuleHandleA
GlobalAlloc
GetExitCodeProcess
ReadFile
SetupComm
GetWindowsDirectoryA
FindClose
GetPrivateProfileStringA
FindFirstFileA
GlobalFree

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

advapi32

RegSetValueExA
RegEnumKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegDeleteValueA
RegQueryValueExA

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHFileOperationA
SHBrowseForFolderA
SHGetPathFromIDListA

rpcrt4

NdrComplexArrayFree
UuidCreate

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e34cbbdf73fca00cf0c6c1f3fdd823a2

Headers

File Characteristics

Imports

kernel32

comctl32

advapi32

ole32

version

shell32

rpcrt4

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 72KB - Virtual size: 72KB

.reloc Size: 1024B - Virtual size: 260KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 72KB - Virtual size: 72KB

.reloc
Size: 1024B - Virtual size: 260KB