fe823e99bd48f0a0a6b63260a8420c1c_JaffaCakes118

General

Target

fe823e99bd48f0a0a6b63260a8420c1c_JaffaCakes118
Size

939KB
MD5

fe823e99bd48f0a0a6b63260a8420c1c
SHA1

94be9cf0cf93d3b157d9c6845d0a699b6649a2d4
SHA256

c8f92be3ba26926d3e5a4f3bfbc620a543dd63ba8802491e00c5c3c67126afbe
SHA512

d20571908236d602aab42657183fdbb93a72bd6099eabcfcdba9b1799df6bc8ed77e45b342fd509330cd18e606e13fdb11882eabffcc085179d79e1f0102a682
SSDEEP

24576:/8OgZP9IKA8BPQYha6TLnNREwqYP4/3EGihD:/8JPGKPQgRgw7g/3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe823e99bd48f0a0a6b63260a8420c1c_JaffaCakes118

Files

fe823e99bd48f0a0a6b63260a8420c1c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f9b57afe8e2e5b132c537432e68a2c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
RegisterWindowMessageA
CreateWindowExA
SetMenuDefaultItem
GetMessageA
GetAsyncKeyState
DestroyMenu
RegisterClassA
FindWindowA
CreatePopupMenu
MessageBoxA
GetWindowTextW
DefWindowProcA
DestroyIcon
GetCursorPos
PostQuitMessage
LoadStringW
DestroyWindow
DispatchMessageA
CharNextA
InsertMenuItemA
TrackPopupMenu
LoadImageA
EnableMenuItem
InsertMenuItemW
SetForegroundWindow
CharNextW

shlwapi

PathFileExistsA
StrToIntA

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey

msvfw32

DrawDibProfileDisplay
ICRemove

shell32

SHGetSpecialFolderPathA
ShellExecuteA
Shell_NotifyIconW

kernel32

GetModuleFileNameA
lstrcpynA
SetErrorMode
GetPrivateProfileStringA
ExitProcess
SetFilePointer
GetDriveTypeW
GetModuleHandleA
GetVolumeInformationW
GetTickCount
lstrlenW
CloseHandle
CreateFileA
GlobalAlloc
lstrlenA
lstrcpynW
GetEnvironmentVariableA
ReadFile
GetPrivateProfileIntA
GetLogicalDrives
FreeLibrary
LoadLibraryExA

Sections

.text
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 405KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f9b57afe8e2e5b132c537432e68a2c9

Headers

File Characteristics

Imports

user32

shlwapi

advapi32

msvfw32

shell32

kernel32

Sections

.text Size: 516KB - Virtual size: 516KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 405KB - Virtual size: 3.7MB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 516KB - Virtual size: 516KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 405KB - Virtual size: 3.7MB

.rsrc
Size: 14KB - Virtual size: 14KB