f51b65f0604404ead47dbd752f488ba3_JaffaCakes118

General

Target

f51b65f0604404ead47dbd752f488ba3_JaffaCakes118
Size

333KB
MD5

f51b65f0604404ead47dbd752f488ba3
SHA1

450020f0138def184cae825cd9c2862c5d6319f2
SHA256

6f3e08b83e6e34eba4efed2ddfad4ba2efa82343a5f6b2c3b2deaa2ad015ec60
SHA512

1004363115c076fb27d21c51523ee19ff065c616f7cd2be8e9d488d3963bc3436d4a8257485de72e56b109cf1ea87c7d97dc756446928483f646445b10f2d10c
SSDEEP

6144:/cwriYlBZx0u9zmZmeU0D8iiXcCj641vQKRYFA0279g9fLA78dDQ3sScl:lFmZtaXcCj641oRG7q9M7CQyl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f51b65f0604404ead47dbd752f488ba3_JaffaCakes118

Files

f51b65f0604404ead47dbd752f488ba3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8d858331c2ecd7b1bcd4e4d6ec57b53a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetProcessDefaultLayout
RegisterClassExA
TranslateMessage
CheckMenuItem
UpdateWindow
CreateDialogParamA
GetMessageA
HideCaret
SetDlgItemTextA
SendMessageA
DefWindowProcA
DialogBoxParamA
SystemParametersInfoA
GetMenu
IsClipboardFormatAvailable
BeginPaint
IsDialogMessageA
LoadStringA
DispatchMessageA
EnableMenuItem
CreateWindowExA
PostQuitMessage
DestroyWindow
ShowWindow
SetWindowTextA
GetSysColorBrush
LoadIconA
SetDlgItemInt

shell32

Shell_GetCachedImageIndex
SHGetPathFromIDList
DAD_ShowDragImage
SheGetDirA
IsUserAnAdmin
PifMgr_OpenProperties
SHLoadNonloadedIconOverlayIdentifiers
SHLimitInputEdit
SHBindToParent
PathIsSlowA
SHSimpleIDListFromPath
SHFree
PathGetShortPath
ILFindChild
RegenerateUserEnvironment
SHCreateQueryCancelAutoPlayMoniker
Shell_NotifyIcon
SHILCreateFromPath
Shell_GetImageLists
SHChangeNotifyDeregister
RestartDialogEx
SHCreateLocalServerRunDll
FindExecutableA
SHGetDesktopFolder
SHGetFileInfoA
WOWShellExecute
SHObjectProperties
DllUnregisterServer
DAD_SetDragImage
SHGetPathFromIDListA
Win32DeleteFile

kernel32

ReadFile
ReleaseMutex
GetLastError
GetProcessHeap
CreateMailslotA
GetCurrentProcessId
GetSystemTime
CloseHandle
SetFilePointer
CreateFileA
FileTimeToSystemTime
GetFileTime
ConnectNamedPipe
SetNamedPipeHandleState
CreateMutexA
FileTimeToDosDateTime
WaitNamedPipeA
OpenMutexA
WriteFileGather
GetVersion
VirtualAllocEx

Sections

.text
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d858331c2ecd7b1bcd4e4d6ec57b53a

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 298KB - Virtual size: 298KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 6KB - Virtual size: 300KB

.text
Size: 298KB - Virtual size: 298KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 6KB - Virtual size: 300KB