120fd871d497df76a9fb06c3dce80138_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

120fd871d497df76a9fb06c3dce80138_JaffaCakes118
Size

77KB
MD5

120fd871d497df76a9fb06c3dce80138
SHA1

31e63a95417720bb4f36c5dd26b92bd722a02f4f
SHA256

61a8af705096066f39f471f4e0c8012a354847ac604bf844a728c4e28c7ec12e
SHA512

c0afb94234696cf602ef7791bbef521448884d79b10b58a74d904f683a4a2391fa78bb55786f7ec5f4cf89f68b2ec98583a6e716d501cc3641e3cea51fed3016
SSDEEP

1536:Nh76apPyqZMSkW4/Ady5AYqhTShcefrtfRlwWu8zngca:RZ2b/Ady5AYAAceztfRi8zngca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
120fd871d497df76a9fb06c3dce80138_JaffaCakes118

Files

120fd871d497df76a9fb06c3dce80138_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1933ca05865a83edf4447cbd6c736a2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

difftime
_mbsnbset
_ismbcprint

oleaut32

SysStringLen
VariantCopyInd
SysAllocStringLen
VariantClear

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

kernel32

OpenMutexW
GetTickCount
lstrcmpiW
GetLastError
CreateFileW
LocalReAlloc
WideCharToMultiByte
UnhandledExceptionFilter
CopyFileW
CreateMutexW
GetModuleFileNameW
GetFileAttributesW
GetWindowsDirectoryW
CreateDirectoryW
GetTempPathW
FormatMessageW
GetDriveTypeW
OpenEventW
GetProcAddress
GetSystemTimeAsFileTime
FindClose
ReadFile
GetCurrentDirectoryW
GetTimeFormatW
ReleaseMutex
LoadLibraryW
DeleteFileW
GetCurrentThreadId
GlobalFlags
MultiByteToWideChar
GetPrivateProfileStringW
lstrlenW
GetFullPathNameW
InterlockedDecrement
QueryDosDeviceW
GetDateFormatW
GetModuleHandleA
FreeLibrary
GetCurrentProcess
InterlockedExchange
SetLastError
SetUnhandledExceptionFilter
RaiseException
GetProcessHeap
HeapAlloc
FindFirstFileW
CloseHandle
GlobalFree
GetUserDefaultUILanguage
GlobalAlloc
SetFilePointer
GetDiskFreeSpaceExW
Sleep
GetPrivateProfileIntW
GetExitCodeProcess
InterlockedIncrement
QueryPerformanceCounter
LocalAlloc
GetStartupInfoA
GetPrivateProfileSectionW
CreateProcessW
LocalFree
SetCurrentDirectoryW
WriteFile
DeviceIoControl
GetCommandLineW
GetSystemDirectoryW
GetVersionExA
GetVolumeInformationW
ExpandEnvironmentStringsW
TerminateProcess
lstrlenA
LoadLibraryA
FindNextFileW
WaitForSingleObject
IsValidLocale
lstrcmpW
HeapFree
GetCurrentProcessId
GetLogicalDriveStringsW

user32

SetFocus
GetWindowInfo
SetForegroundWindow
IsRectEmpty
GetWindowDC

shlwapi

PathIsRelativeW
PathIsNetworkPathA
StrCmpLogicalW

comctl32

PropertySheetA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1933ca05865a83edf4447cbd6c736a2a

Headers

File Characteristics

Imports

msvcrt

oleaut32

shell32

kernel32

user32

shlwapi

comctl32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 25KB

.rsrc Size: 2KB - Virtual size: 2KB

.rdata Size: 60KB - Virtual size: 99KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 25KB

.rsrc
Size: 2KB - Virtual size: 2KB

.rdata
Size: 60KB - Virtual size: 99KB