fdb27374252ddd49e388a5ee1ab465b4_JaffaCakes118

General

Target

fdb27374252ddd49e388a5ee1ab465b4_JaffaCakes118
Size

160KB
MD5

fdb27374252ddd49e388a5ee1ab465b4
SHA1

9f67f0d1b68ddcbe1595a1a5b52a68549c3ffc97
SHA256

de92d75e7695e2f74cc5ca2066aa4a583f3c8d5a0133b35c7f0856aef26b2324
SHA512

b890a0bd46e8da3e17d109ab5162fccfd2ed3737beb30102965445af62f9acda082cbc9de72575d593e8be4036d74a5e0b1f9197ba01e6d674b3996c361755af
SSDEEP

3072:WVY0KBbbvSCYoOKUcS4P/KEAZUBhZgGkDP5PKOsOeknOciAnqviLT:Wm0KBvDzOKtDPSEAZkhZgngaBiA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdb27374252ddd49e388a5ee1ab465b4_JaffaCakes118

Files

fdb27374252ddd49e388a5ee1ab465b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66d3a3a9b728a34e48f65b012f98ba6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlGetPartW
UrlCanonicalizeW
UrlApplySchemeW
PathCombineW
UrlCombineW
PathAppendW

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

HeapDestroy
HeapAlloc
LocalAlloc
HeapFree
GetThreadLocale
GetACP
WriteFile
CloseHandle
GetProcessHeap
GetCurrentProcess
CreateFileW
GetStartupInfoA
HeapSize
InterlockedExchange
LoadLibraryW
Sleep
TerminateProcess
GetModuleHandleA
SystemTimeToFileTime
RaiseException
GetLocaleInfoA
WideCharToMultiByte
lstrlenA
HeapReAlloc
EnumResourceTypesW
SetUnhandledExceptionFilter
GetCurrentProcessId
UnhandledExceptionFilter
HeapFree
GetEnvironmentVariableA
MultiByteToWideChar
ResetWriteWatch
GetCurrentThreadId
lstrlenW
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetSystemTime
GetTickCount
CreateProcessA
GetStdHandle
QueryPerformanceCounter
IsDebuggerPresent
LoadLibraryExW
lstrcpynW

wtsapi32

WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSFreeMemory
WTSRegisterSessionNotification

msimg32

TransparentBlt

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66d3a3a9b728a34e48f65b012f98ba6e

Headers

File Characteristics

Imports

shlwapi

oleacc

kernel32

wtsapi32

msimg32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 2KB - Virtual size: 409KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 2KB - Virtual size: 409KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 512B - Virtual size: 4KB