bf0bdadc3f306bc85a52913d619876a6_JaffaCakes118

General

Target

bf0bdadc3f306bc85a52913d619876a6_JaffaCakes118
Size

181KB
MD5

bf0bdadc3f306bc85a52913d619876a6
SHA1

56e688681ab0eb5e82875bef83276d1239e2176e
SHA256

d521168a80e00f7a240975b0bbde3568acec37ef25e66ef2bca5d1304ba79341
SHA512

38142046fecd84f7ea8ee5a85dd7f0901a7948ce679cbbad8e08ab49e480fad45637a49b8f64d2390c7dc6f800e88aa311870782d7dd062ba22c3dda5c8bd241
SSDEEP

3072:uFCfC55+z3w/dXfgoT4h8Any8MFz3jRTJ20u1I691u7R0GkT7w:uFd5Og/dXfgDh5iZjR80S94k4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf0bdadc3f306bc85a52913d619876a6_JaffaCakes118

Files

bf0bdadc3f306bc85a52913d619876a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24d1be6ed1717ba27cabe7069598a4cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

rpcrt4

NdrComplexArrayFree
UuidCreate

advapi32

RegEnumKeyA
RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA

kernel32

GetExitCodeProcess
FlushInstructionCache
MulDiv
FindClose
WriteFile
FindFirstFileA
DeleteFileA
WritePrivateProfileStringA
SetFilePointer
WaitForSingleObject
GetModuleHandleA
FreeLibrary
GlobalAlloc
EnumResourceNamesW
ReadFile
MultiByteToWideChar
SetupComm
GetProcAddress
GetWindowsDirectoryA
FindNextFileA
GetPrivateProfileStringA
LoadLibraryExA
GlobalFree

shell32

SHGetFileInfoA
SHBrowseForFolderA
SHFileOperationA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemFree

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24d1be6ed1717ba27cabe7069598a4cf

Headers

File Characteristics

Imports

version

comctl32

rpcrt4

advapi32

kernel32

shell32

ole32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 65KB

.reloc Size: 1024B - Virtual size: 388KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 65KB

.reloc
Size: 1024B - Virtual size: 388KB