b7b3329d9844756d510321f6a8f3cb12_JaffaCakes118

General

Target

b7b3329d9844756d510321f6a8f3cb12_JaffaCakes118
Size

277KB
MD5

b7b3329d9844756d510321f6a8f3cb12
SHA1

e396972b86b15957d9a4115490511b0f29c5e04c
SHA256

62ae407fadcf3e6a20cb09fa3ee7b53acffc49acf415c7a70b0817c476415d3c
SHA512

78ff2f6dbf29a6b5050cb7b8b2ba37e4b5b74c3fc548a3f6420d328e5a2f920bf8b76abe2a43a0d0217c3e544942b3474794f43217544e34a047fbfb1c638b52
SSDEEP

6144:6HaXD/sjp39A06ksbZJK/mlN4v4nl07HhMxUbWED2KX6W2ZLpFw:6Haz/Yl9rPsVwulN4v4nlQHhMkDF6W6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7b3329d9844756d510321f6a8f3cb12_JaffaCakes118

Files

b7b3329d9844756d510321f6a8f3cb12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3257e6b012f0e51381f8b52b30274752

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrcpyW
GetCurrentThreadId
GlobalUnlock
GetAtomNameA
lstrcpynW
GetVersionExA
LoadLibraryA
FindResourceW
FindNextChangeNotification
lstrcmpW
LoadResource
InterlockedIncrement
DeleteFileW
GetLastError
Sleep
LoadLibraryW
DeleteCriticalSection
GetModuleFileNameW
FileTimeToLocalFileTime
CloseHandle
ResumeThread
GetFileAttributesW
GlobalLock
FindFirstChangeNotificationW
WideCharToMultiByte
EnumResourceTypesA
FindFirstFileW
GetModuleHandleW
lstrlenW
GetVersionExW
LoadLibraryExW
GlobalAlloc
FileTimeToSystemTime
GetVersion
GetLocaleInfoW
GlobalFree
FreeLibrary
WritePrivateProfileStringW
IsValidCodePage
GetCurrentDirectoryW
MultiByteToWideChar
FindCloseChangeNotification
LockResource
WaitForSingleObject
FindClose
GetPrivateProfileIntW
SetFileAttributesW
GlobalSize
GetProcAddress
InitializeCriticalSection
GetPrivateProfileStringW
MulDiv
SetThreadPriority

shell32

SHGetImageList
ShellExecuteExW
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationW
ShellExecuteW
SHGetFileInfoA
ShellExecuteExA
CommandLineToArgvW
SHGetFolderPathW
Shell_NotifyIconA

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3257e6b012f0e51381f8b52b30274752

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 2KB - Virtual size: 133KB

.data Size: 139KB - Virtual size: 139KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 2KB - Virtual size: 133KB

.data
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 512B - Virtual size: 4KB