0666a64a8521fea784c71887e593721a_JaffaCakes118

General

Target

0666a64a8521fea784c71887e593721a_JaffaCakes118
Size

172KB
MD5

0666a64a8521fea784c71887e593721a
SHA1

6c26c93b514c8be6b94b22d4ba6e7c9ceb2ceb2d
SHA256

473dc75f5327b653846cbd78e8345f44c37985a0182b43580e2cbf73c7258b51
SHA512

8e929d7df2fffa23de172963872cd46dee8de2be6eedfc24bda9ed7cf427de3639acce1a05fbe7e03562a676a2b46f94bf5b7b4a55f4c79de250dc604c9d26e1
SSDEEP

3072:UtvzsKTCLrWFjYjWezA6q6D5meyLV1nPwIUSXycc:UQI1ajWeUE5abtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0666a64a8521fea784c71887e593721a_JaffaCakes118

Files

0666a64a8521fea784c71887e593721a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5291131305eb989ef74dd2cab8f98269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

StrRetToStrA
SHCreateStreamOnFileEx
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
PathCreateFromUrlW

kernel32

CreateFileW
GlobalHandle
OpenProcess
FindAtomW
LocalAlloc
GetModuleFileNameW
ProcessIdToSessionId
GetLocaleInfoW
Sleep
InterlockedExchange
lstrcmpW
InterlockedIncrement
HeapSetInformation
GetProcessId
lstrlenA
GlobalLock
GlobalUnlock
lstrlenW
GetCurrentProcess
WaitForMultipleObjects
GlobalFree
GetSystemDirectoryW
RaiseException
EnumResourceLanguagesW
GlobalAlloc
MultiByteToWideChar
GetTickCount
GetStringTypeW
InterlockedDecrement
MulDiv
CreateThread
EnterCriticalSection
DeleteCriticalSection
FormatMessageW
FlushInstructionCache
SetLastError
InitializeCriticalSection
GetComputerNameW
CloseHandle
WaitForSingleObject
LeaveCriticalSection
WideCharToMultiByte

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 86KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5291131305eb989ef74dd2cab8f98269

Headers

File Characteristics

Imports

shell32

shlwapi

kernel32

oleacc

Sections

.text Size: 86KB - Virtual size: 481KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 82KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 481KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 82KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB