01080992f07753e468e1dd2eb377cabe_JaffaCakes118

General

Target

01080992f07753e468e1dd2eb377cabe_JaffaCakes118
Size

179KB
MD5

01080992f07753e468e1dd2eb377cabe
SHA1

de55d411a2c8c5c03eba3ac441b0d42d4c2f0f40
SHA256

07743dff06a60760c7b3b9d41d7bae7218fa389cc1c1b46be978bf178825e60d
SHA512

b1950f5ede0b8a8c1d2b494d95c4ce91735cc0f1f2995112133d10c7b9917a72226df9b31fd7458caece5947e4dbd616136d6003ea1f0b99648f7a7a6d1d5899
SSDEEP

3072:aHkGBoRpiilpKLnQFVRei0WGCG6gVJWPdx8c5CigDazgDgeGX+RNC1EOywdDHk4B:DlgnQnRei05CG0Psc5lsazjeQiCtA4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01080992f07753e468e1dd2eb377cabe_JaffaCakes118

Files

01080992f07753e468e1dd2eb377cabe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df0ab5fcaf2d66ad58e84dc714ff457d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
FreeLibrary
FlushInstructionCache
DeleteFileA
GetExitCodeProcess
GlobalAlloc
FindClose
WritePrivateProfileStringA
LoadLibraryExA
MultiByteToWideChar
GetPrivateProfileStringA
GetModuleHandleA
EnumResourceNamesW
SetFilePointer
GetProcAddress
WriteFile
MulDiv
SetupComm
GetWindowsDirectoryA
WaitForSingleObject
ReadFile
FindFirstFileA
GlobalFree

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemFree

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked

advapi32

RegCloseKey
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA

shell32

SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA

rpcrt4

NdrComplexArrayFree
UuidCreate

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df0ab5fcaf2d66ad58e84dc714ff457d

Headers

File Characteristics

Imports

kernel32

version

ole32

comctl32

advapi32

shell32

rpcrt4

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 71KB - Virtual size: 71KB

.reloc Size: 1024B - Virtual size: 392KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 71KB - Virtual size: 71KB

.reloc
Size: 1024B - Virtual size: 392KB