e7566bda4292061ffc04085a937aff74_JaffaCakes118

General

Target

e7566bda4292061ffc04085a937aff74_JaffaCakes118
Size

102KB
MD5

e7566bda4292061ffc04085a937aff74
SHA1

a8e7bbdcbc6fc6a26aa9a8e6c62151adbef2b873
SHA256

b1f70bd7d0c27a06e65aae69ae221a7f77d378177bf7c1faeccaf04e3bdc861f
SHA512

a08652164ed414c853fe0652074632c98c736dfe71b9f839b82a1e6ac16ac454a146de3da219419f7fb9900379701245c93678f32daf807e844050413e5d866f
SSDEEP

1536:DYEcifXxm0bcruEhOd0FI/o30CQSRXH2pGQQsVxpMLeyOIbn83qpoM2fdeZd:5dXGPuw3dQK2pGmxOLe283q0f0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7566bda4292061ffc04085a937aff74_JaffaCakes118

Files

e7566bda4292061ffc04085a937aff74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c71e1b1a736af9a7d573e79233105d52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
lstrcpynA
GetProcAddress
CreateDirectoryW
lstrcpyA
CreateWaitableTimerA
GetNumberFormatA
CopyFileW
GetLogicalDriveStringsA
FindNextFileA
MoveFileExA
FileTimeToSystemTime
GetStartupInfoA
GetProcessHeap
ReplaceFileW
CreateMutexW
DeleteFileW
GetDateFormatA
GetComputerNameExA
OpenSemaphoreA
GetModuleHandleA
RemoveDirectoryA
InterlockedDecrement
WriteFile
GetTickCount
GetBinaryTypeA
GetACP

odbctrac

TraceSQLError
TraceSQLFetch
TraceSQLBindCol

shell32

FindExecutableA
SHFileOperationA
ShellAboutA
SHGetFileInfoA
DragFinish
DuplicateIcon
DragAcceptFiles
SHGetMalloc
ShellMessageBoxA
DllRegisterServer
SHChangeNotify

uxtheme

GetCurrentThemeName
GetThemeEnumValue
DrawThemeEdge
OpenThemeData
GetThemeInt
GetThemeSysSize
IsThemeActive
CloseThemeData
GetThemeFont
GetThemeColor

shlwapi

PathIsRootA
UrlCanonicalizeW
PathCompactPathA
PathCommonPrefixA
UrlIsA
UrlCompareA
UrlUnescapeA
UrlGetPartA
UrlCreateFromPathA
UrlCombineA
UrlHashA
UrlGetLocationW
PathCombineA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c71e1b1a736af9a7d573e79233105d52

Headers

File Characteristics

Imports

kernel32

odbctrac

shell32

uxtheme

shlwapi

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB