e00f8ae3e42fc21612dc2b035f2a0256_JaffaCakes118

General

Target

e00f8ae3e42fc21612dc2b035f2a0256_JaffaCakes118
Size

180KB
MD5

e00f8ae3e42fc21612dc2b035f2a0256
SHA1

b7054a820ec33e6362af6f0c7421f0f5d1ae7d81
SHA256

c918f01bc1a3a90a999c24b207980a991bf184203c74b98c08f1ba3b4fdc1ab2
SHA512

be575922514753245e55b112cd4b6ba7fcaae9aa81fe11af6dd61f1dabea6d5e46eb486a26656604f98db737f9e0a3b1ae4b668cf066d1bf8c25fc21ce9d44b3
SSDEEP

3072:rKnvrT3qTYkXzO9Mv69P9iU6dLJA9NYX0ZWLlCKKBrJbarlTDK:+nvSTjC1FiU6dLJA70OW5nW1arlfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e00f8ae3e42fc21612dc2b035f2a0256_JaffaCakes118

Files

e00f8ae3e42fc21612dc2b035f2a0256_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33ff1702be89a93ce844a5e798e8ec92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord10
StrChrW

shell32

ord80
ord524
SHCreateDirectoryExW

gdi32

CopyMetaFileW
CreateRoundRectRgn
EndPath
RectVisible
DeleteMetaFile

comctl32

ord5
CreateToolbarEx
InitMUILanguage

kernel32

VirtualAllocEx
WaitForMultipleObjectsEx
GetProcAddress
GetModuleHandleA
Sleep
LoadLibraryA
CreateDirectoryW
CreateSemaphoreA
GetQueuedCompletionStatus
CreateEventA
GetTickCount
GetStringTypeExW
CreateFileW
GetPrivateProfileSectionA
GetFullPathNameW
GetStdHandle
SetCalendarInfoW
GetDateFormatW
GetNamedPipeInfo
GetDllDirectoryW
VirtualAlloc
ReadConsoleInputW
DeleteVolumeMountPointW
GetProfileSectionW
GetStartupInfoA

user32

IsRectEmpty
KillTimer
GetClassInfoW
GetAncestor
CreatePopupMenu
CallWindowProcW
PeekMessageW
DispatchMessageW
GetTabbedTextExtentW
CharNextExA
GetMonitorInfoW
ReleaseCapture
WindowFromPoint
SetLastErrorEx

msvcrt

ferror
atof
wcscoll
strstr
mblen
strcmp
swscanf
wcsncat
wcsncpy
feof
swprintf
mbstowcs
strtoul
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
malloc
memcpy
memmove
memset
strerror

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33ff1702be89a93ce844a5e798e8ec92

Headers

File Characteristics

Imports

shlwapi

shell32

gdi32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 146KB - Virtual size: 196KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 146KB - Virtual size: 196KB