096d9ccbb87c3257bdd3a2808717aa6e_JaffaCakes118

General

Target

096d9ccbb87c3257bdd3a2808717aa6e_JaffaCakes118
Size

148KB
MD5

096d9ccbb87c3257bdd3a2808717aa6e
SHA1

13108bdf31abba54711e96adfa0c8a86c2a02341
SHA256

05b8174cec92cee2545a810d236e2b852af168088c0e317f2b8db83d94d54277
SHA512

1559dd4ab115fb691022cf16c1efaac91e3121a6eee293b9cfbe544daeaa4c8e2f1e1d253974834b1a6982a51bf9edacad5f1935744c655b4a97728c454d0e98
SSDEEP

1536:WDf7gYtEGoeg9bCYOkKha/Cw7FwjJKkRholSqTX7WgfKJDAMsqZec3PNugggLVAl:8fUYtwVh2halFo3RSd7Cic/Ne3Vdl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
096d9ccbb87c3257bdd3a2808717aa6e_JaffaCakes118

Files

096d9ccbb87c3257bdd3a2808717aa6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9543f3475473da0c442272c8ac0aabff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteValueA
StrStrA
SHQueryInfoKeyA

kernel32

SetErrorMode
GetProcessHeap
EnterCriticalSection
ExitThread
CompareStringA
ExitProcess
GetFileType
LocalAlloc
SetThreadLocale
SetEvent
lstrcmpiA
GetStringTypeA
GetSystemDefaultLangID
GlobalFindAtomA
VirtualFree
lstrcmpA
LocalReAlloc
SizeofResource
GetCommandLineA
RaiseException
GetProcAddress
GetStdHandle
ResetEvent
LoadResource
GetLastError
Sleep
lstrcpynA
VirtualQuery
GetEnvironmentStrings
GetLocaleInfoA
GetTickCount
SetLastError
GetOEMCP
GetCurrentProcessId
WaitForSingleObject
GetCPInfo
FormatMessageA
FreeLibrary
LoadLibraryExA
GetLocalTime
SetEndOfFile
GetDateFormatA
HeapFree
CreateThread
GlobalDeleteAtom
MulDiv
VirtualAlloc
HeapDestroy
MoveFileA
CloseHandle
HeapAlloc
CreateFileA
GetCurrentThread

user32

EnumChildWindows
DefFrameProcA
CharLowerBuffA
GetClientRect
GetMenu
GetActiveWindow
CallNextHookEx
GetCursor
GetDC
RegisterClassA
DrawEdge
GetMenuItemCount
IsDialogMessageA
IsMenu
GetMenuItemID
CharToOemA
DrawTextA
GetCursorPos
CharLowerA
GetIconInfo
BeginPaint
IsWindowEnabled
CheckMenuItem
GetClipboardData

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 134KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9543f3475473da0c442272c8ac0aabff

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 134KB - Virtual size: 222KB

.init Size: 512B - Virtual size: 166B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 134KB - Virtual size: 222KB

.init
Size: 512B - Virtual size: 166B