3e49bd1a4b5861e129f93d3fecceccf6_JaffaCakes118

General

Target

3e49bd1a4b5861e129f93d3fecceccf6_JaffaCakes118
Size

4.8MB
MD5

3e49bd1a4b5861e129f93d3fecceccf6
SHA1

2f6a791f4d9aff2bba288c19167f76e9786d5eb1
SHA256

362a88632cd646d46d580d3da8342e0b95bc666a8f54764e5c4153b6d8c7fdeb
SHA512

df122bec109423a9da2b4f259e6db97c156ba2d17b4aef8e8ea08c7bf838c078807f98afae3abfdd3a854844351855405cbde8459f42ea52219b0f4e26943633
SSDEEP

98304:exBTFkf42QOcqCb9GQ7adEEUOGV4t/Tv7fGRYtNPhW91l1vJpnv:eTFTnOs9GOaGEfGy/Tv7+sNPhGvvJpnv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/install.exe

Files

3e49bd1a4b5861e129f93d3fecceccf6_JaffaCakes118
.zip
install.exe
.exe .vbs windows:4 windows x86 arch:x86 polyglot

7a31906cba8d7e4645fb6e35f435d453

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontA
GetStockObject

user32

SetCapture
ReleaseCapture
LoadBitmapA
GetWindowRect
GetWindowLongA
GetDlgCtrlID
UpdateWindow
TranslateMessage
ShowWindow
SetWindowTextA
SetWindowPos
SetWindowLongA
SetMenu
SetForegroundWindow
SetFocus
SendMessageA
RegisterClassExA
PostQuitMessage
MessageBoxIndirectA
LoadMenuA
LoadIconA
LoadCursorA
GetSystemMetrics
GetParent
GetMessageA
GetDlgItem
EndDialog
DispatchMessageA
DialogBoxParamA
DialogBoxIndirectParamA
DefWindowProcA
CreateWindowExA
CallWindowProcA
AnimateWindow

kernel32

DeleteFileA
WriteFile
FlushFileBuffers
ReadFile
GetFileSize
CreateFileA
FindFirstFileA
FindClose
Sleep
SetThreadPriority
SetPriorityClass
GetThreadPriority
GetExitCodeProcess
GetCurrentThread
CreateProcessA
CloseHandle
WinExec
SleepEx
SetCurrentDirectoryA
RemoveDirectoryA
MultiByteToWideChar
GlobalFree
GlobalAlloc
GetVolumeInformationA
GetModuleHandleA
GetLogicalDriveStringsA
GetDriveTypeA
GetCurrentDirectoryA
GetCommandLineA
ExitProcess
CreateDirectoryA

comctl32

InitCommonControlsEx

shell32

ShellExecuteA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a31906cba8d7e4645fb6e35f435d453

Headers

File Characteristics

Imports

gdi32

user32

kernel32

comctl32

shell32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4.8MB - Virtual size: 4.8MB

.rsrc Size: 148KB - Virtual size: 148KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4.8MB - Virtual size: 4.8MB

.rsrc
Size: 148KB - Virtual size: 148KB