bb5b83eab75eddc062fda5bd982189d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb5b83eab75eddc062fda5bd982189d0_JaffaCakes118
Size

146KB
MD5

bb5b83eab75eddc062fda5bd982189d0
SHA1

453c1863e61ff622ad7c1e296842391686ff68ff
SHA256

ed508fbd7a2ee5943daee5e5d46a9de8f83d108298b00660dd99c592f584fe66
SHA512

89e03368f346cfd4c4aba12828bac5491cae5bf199bbdace9f3438788619d1d7e18bdd2b757177730d44dbd39abb547a56a34b948514fe8f4f1316a6f9084c29
SSDEEP

3072:hQmzMdYCGVZVKFJgoWAXHBL5xk6jAeg4JWePwVwUFvh1BwWAQSV:YdYCGVebgoWAXBNxkcAegCkVlFvhnPg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb5b83eab75eddc062fda5bd982189d0_JaffaCakes118

Files

bb5b83eab75eddc062fda5bd982189d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8b486b61a224439014d2339308fdcdbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

user32

GetWindowInfo
GetWindowDC
SetFocus
IsRectEmpty

comctl32

PropertySheetA

oleaut32

SysStringLen
VariantClear
VariantCopyInd
SysAllocStringLen

shlwapi

PathIsRelativeW
PathIsNetworkPathA
StrCmpLogicalW

kernel32

GetPrivateProfileSectionW
GetCommandLineW
SetLastError
LocalAlloc
GetUserDefaultLangID
GetExitCodeProcess
ExpandEnvironmentStringsW
VirtualQuery
TerminateProcess
WaitForSingleObject
GetFileAttributesW
FindNextFileW
LocalReAlloc
CloseHandle
LocalFree
GetVersionExA
QueryDosDeviceW
GetTimeFormatW
GetProcessHeap
IsValidLocale
WriteFile
GlobalFree
MultiByteToWideChar
GetVersion
GetModuleFileNameW
LoadLibraryA
IsBadStringPtrA
CreateMutexW
FindFirstFileW
GetLogicalDriveStringsW
lstrlenA
GetTickCount
OpenEventW
lstrcmpW
SetCommState
FreeLibrary
GetFullPathNameW
FormatMessageW
GetCurrentProcess
CreateFileW
GetVolumeInformationW
GetPrivateProfileIntW
lstrcmpiW
GetCurrentDirectoryW
Sleep
InterlockedDecrement
GetWindowsDirectoryW
DeviceIoControl
GetStartupInfoA
CopyFileW
InterlockedIncrement
HeapAlloc
GetDriveTypeW
GetDiskFreeSpaceExW
ReadFile
GetDateFormatW
FindClose
UnhandledExceptionFilter
GetTempPathW
GetCurrentThreadId
GetPrivateProfileStringW
WideCharToMultiByte
DeleteFileW
ReleaseMutex
RaiseException
GetSystemTimeAsFileTime
SetCurrentDirectoryW
GetProcAddress
GlobalAlloc
InterlockedExchange
lstrlenW
LoadLibraryW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemDirectoryW
SetUnhandledExceptionFilter
CreateDirectoryW
SetFilePointer
HeapFree
GetModuleHandleA
CreateProcessW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.txhclq
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 126KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b486b61a224439014d2339308fdcdbd

Headers

File Characteristics

Imports

shell32

user32

comctl32

oleaut32

shlwapi

kernel32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 123KB

.txhclq Size: 4KB - Virtual size: 3KB

.edata Size: 126KB - Virtual size: 243KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 123KB

.txhclq
Size: 4KB - Virtual size: 3KB

.edata
Size: 126KB - Virtual size: 243KB