117b1034261e80599dbabb5d128f84cd_JaffaCakes118

General

Target

117b1034261e80599dbabb5d128f84cd_JaffaCakes118
Size

59KB
MD5

117b1034261e80599dbabb5d128f84cd
SHA1

455d56739e55840a0878b7ae8c82c1bdaeee49f9
SHA256

aded954376ba497c4392a09f470117794c0982bb74b9506c86518866db2b8c18
SHA512

cabd72f6790144fd1c0d7fb970203543eb54ce18347acf797876b1b40ac90486c03abe1092510a6ee70be9676f36e6b0a1cacba8ab2bd0966574c3883cfb355b
SSDEEP

768:++vHBJimpOQ43MybaIm5VVtfnradUhz5EiA5pRvdPrKU0AiUNrkt0ksOar//:xBJiUOQPXxnQUhmZrb0Wuty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
117b1034261e80599dbabb5d128f84cd_JaffaCakes118

Files

117b1034261e80599dbabb5d128f84cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

095c9e1c88112abcb4fa2deadd19724c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GetStartupInfoA
IsBadWritePtr
IsBadReadPtr
GetModuleHandleW
GetFileSize
SetEvent
CreateEventA
GetLastError
WideCharToMultiByte
CloseHandle
ReadFile
SetEndOfFile
WriteFile
GetVersionExA
CreateFileA
CreateFileW
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
FindFirstFileA
FindFirstFileW
GetTempFileNameA
GetTempFileNameW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
SetFilePointer
GetTempPathW
GetDriveTypeW
GetDriveTypeA
GetVolumeInformationA
CreateMutexA
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
lstrcmpiA
GetCommandLineA
InitializeCriticalSection
GetModuleFileNameA
lstrlenA
DeleteCriticalSection
lstrlenW
GetShortPathNameA
GetModuleHandleA
InterlockedIncrement
FreeLibrary
CreateThread
LoadLibraryA
lstrcpyA
lstrcatA
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
GetProcAddress

user32

DrawTextW
GetIconInfo
GetSysColor
GetDC
ReleaseDC

shell32

ShellExecuteExW
ord201
ExtractAssociatedIconA
Shell_NotifyIconW
FindExecutableW
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

095c9e1c88112abcb4fa2deadd19724c

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 44B

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 44B