eb31fcb4096f9c2ba5574462a41c4f7a_JaffaCakes118

General

Target

eb31fcb4096f9c2ba5574462a41c4f7a_JaffaCakes118
Size

178KB
MD5

eb31fcb4096f9c2ba5574462a41c4f7a
SHA1

2cfc2944b8c1401a510006815e532cd63b722069
SHA256

922e58560ac3184dbfa6a3d1a799b5b2c46eab6327bdb238d8ea6a1c09515cd5
SHA512

d3fc62f38678ca6b8bcf0e255fbbe3a6ee6c826f462ba14c7daf8272fe23cf892e0d8cb37ea96dd6f00d12f270a94c445ce7f593b8416dc446d49a29f304c096
SSDEEP

3072:6w8JzVHF12ZUjoovuOu7N+NJpF2k7wun673zXbZrkPummmFtktAmmRir:0JzH77uOu8jxk9rzlC7mmMr0ir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb31fcb4096f9c2ba5574462a41c4f7a_JaffaCakes118

Files

eb31fcb4096f9c2ba5574462a41c4f7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a44df316d2a85e0fed2c74b7aeb93f3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHFileOperationA
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemFree

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetExitCodeProcess
ReadFile
MulDiv
FlushInstructionCache
LoadLibraryExA
WaitForSingleObject
GetWindowsDirectoryA
WritePrivateProfileStringA
GetModuleHandleA
MultiByteToWideChar
EnumResourceNamesW
FindFirstFileA
FreeLibrary
WriteFile
SetupComm
FindNextFileA
GetPrivateProfileStringA
GlobalAlloc
DeleteFileA
SetFilePointer
GetProcAddress
FindClose
GlobalFree

rpcrt4

NdrComplexArrayFree
UuidCreate

advapi32

RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a44df316d2a85e0fed2c74b7aeb93f3f

Headers

File Characteristics

Imports

shell32

ole32

version

kernel32

rpcrt4

advapi32

comctl32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.reloc Size: 1024B - Virtual size: 116KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.reloc
Size: 1024B - Virtual size: 116KB