fc94dc6aac1e05bf7b682fd7c7d24798_JaffaCakes118

General

Target

fc94dc6aac1e05bf7b682fd7c7d24798_JaffaCakes118
Size

160KB
MD5

fc94dc6aac1e05bf7b682fd7c7d24798
SHA1

a22193d56db7e7a635e5e648494c47027f65bd14
SHA256

98a5820f7901a63783de2277835cfec7598672ad996e156b1e490b2638c527ac
SHA512

c0fab587eaf7ad36ab51c1439f04c283ff48d50797bee13180e94bcb38e450ce252bac59139b934cea3a4ec07d6f68dbb9340ca8aec7b8bb9845726a3e295538
SSDEEP

3072:f4V37h47nTlHLPgav1HmnME37CVBu58wmOUAwQ1XGgMpV1:f4VKnprD8MteCwmOUDOTM31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc94dc6aac1e05bf7b682fd7c7d24798_JaffaCakes118

Files

fc94dc6aac1e05bf7b682fd7c7d24798_JaffaCakes118
.exe windows:4 windows x86 arch:x86

923d9abbcb54a172a178ea361da52b57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeW
PathCombineW
UrlGetPartW
UrlCombineW
UrlApplySchemeW
PathAppendW

msimg32

TransparentBlt

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSRegisterSessionNotification

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

LoadLibraryExW
CreateProcessA
lstrlenW
QueryPerformanceCounter
HeapReAlloc
GetCurrentThreadId
HeapFree
UnhandledExceptionFilter
GetLocaleInfoA
HeapAlloc
RaiseException
InterlockedCompareExchange
MultiByteToWideChar
CreateFileW
WriteFile
TerminateProcess
Sleep
HeapDestroy
GetProcessHeap
EnumResourceTypesW
GetTickCount
HeapSize
LocalAlloc
SetUnhandledExceptionFilter
GetCurrentProcessId
GetACP
SystemTimeToFileTime
InterlockedExchange
GetThreadLocale
GetEnvironmentVariableA
ResetWriteWatch
IsDebuggerPresent
GetCurrentProcess
GetModuleHandleA
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapFree
CloseHandle
GetStdHandle
GetSystemTime
lstrlenA
GetStartupInfoA
LoadLibraryW
lstrcpynW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

923d9abbcb54a172a178ea361da52b57

Headers

File Characteristics

Imports

shlwapi

msimg32

wtsapi32

oleacc

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 2KB - Virtual size: 409KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 2KB - Virtual size: 409KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 512B - Virtual size: 4KB