185853730b566a8fed8ef3e23d12ca8a_JaffaCakes118

General

Target

185853730b566a8fed8ef3e23d12ca8a_JaffaCakes118
Size

59KB
MD5

185853730b566a8fed8ef3e23d12ca8a
SHA1

620487ff2b0141ea2693139de47550169cd5ba93
SHA256

884c77e01cab2e85311ebcd705e0fd6903218478e5d4a30585920258dd11bf4d
SHA512

60c17ecce16b05cd6999607d685cb8b6fd2d4753fdb9f81d3de3d995314bcac9bfd21bd76bcbc15918683fc47538e9642f17139b91e413c595398e6d661b63e1
SSDEEP

768:dUoVuJZg2Zmh7qOHVmaep1npnYQoqG1YLXbKiHm2bf1HZ7uxffwJd//t:dUfJe2Zmh7hEaO1pYQWqrPz957Yw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
185853730b566a8fed8ef3e23d12ca8a_JaffaCakes118

Files

185853730b566a8fed8ef3e23d12ca8a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ad107ecafc3aa3b84bc46b74cb7ac48b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GetStartupInfoA
IsBadWritePtr
IsBadReadPtr
GetModuleHandleW
GetFileSize
SetEvent
CreateEventA
GetLastError
WideCharToMultiByte
CloseHandle
ReadFile
SetEndOfFile
WriteFile
GetVersionExA
CreateFileA
CreateFileW
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
FindFirstFileA
FindFirstFileW
GetTempFileNameA
GetTempFileNameW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
SetFilePointer
GetTempPathW
GetDriveTypeW
GetDriveTypeA
GetVolumeInformationA
CreateMutexA
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
lstrcmpiA
GetCommandLineA
InitializeCriticalSection
GetModuleFileNameA
lstrlenA
DeleteCriticalSection
lstrlenW
GetShortPathNameA
GetModuleHandleA
InterlockedIncrement
FreeLibrary
CreateThread
LoadLibraryA
lstrcpyA
lstrcatA
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
GetProcAddress

user32

DrawTextW
GetIconInfo
GetSysColor
GetDC
ReleaseDC

shell32

ShellExecuteExW
ord201
SHGetPathFromIDListW
Shell_NotifyIconW
FindExecutableW
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad107ecafc3aa3b84bc46b74cb7ac48b

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 54B

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 54B