a8c5404c956ca47d8238a44d8f6372f7_JaffaCakes118

General

Target

a8c5404c956ca47d8238a44d8f6372f7_JaffaCakes118
Size

263KB
MD5

a8c5404c956ca47d8238a44d8f6372f7
SHA1

02bffd8845b2146535fbb36614966ec5ca87f9aa
SHA256

e562e3914c803e810408ade487358bb779fb18047e4d83af99692912e568e308
SHA512

9ea9054015a6e7e7f222cf0dc29821a84a5c15135282cb6776f85b0a2dfcc79a11ac2196dc59cb56c36b0455dcd30a804956c970dde2a1aaefe060efc133f83d
SSDEEP

6144:CNg8v7yFwU5i8jjM/rxeEeEp6BLorz/Ui:CXv7yFwrl/rzeM6BLo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8c5404c956ca47d8238a44d8f6372f7_JaffaCakes118

Files

a8c5404c956ca47d8238a44d8f6372f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b7c18af1dd05d2f068986360cc82695

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlGetPartW
UrlCombineW
UrlApplySchemeW
UrlCanonicalizeW
PathCombineW
PathAppendW

oleacc

LresultFromObject
AccessibleObjectFromEvent

wtsapi32

WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSFreeMemory
WTSQuerySessionInformationW
WTSRegisterSessionNotification

kernel32

GetTickCount
GetEnvironmentVariableA
HeapReAlloc
GetSystemTime
CloseHandle
HeapFree
HeapFree
RaiseException
lstrlenW
TerminateProcess
InterlockedCompareExchange
LoadLibraryW
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
CreateProcessA
lstrlenA
HeapSize
Sleep
MultiByteToWideChar
QueryPerformanceCounter
GetStdHandle
GetCurrentProcess
GetModuleHandleA
EnumResourceTypesW
GetLocaleInfoA
LoadLibraryExW
GetACP
GetStartupInfoA
ResetWriteWatch
HeapDestroy
SystemTimeToFileTime
LocalAlloc
WriteFile
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapAlloc
IsDebuggerPresent
GetCurrentThreadId
GetThreadLocale
WideCharToMultiByte
CreateFileW
InterlockedExchange
lstrcpynW

msimg32

TransparentBlt

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b7c18af1dd05d2f068986360cc82695

Headers

File Characteristics

Imports

shlwapi

oleacc

wtsapi32

kernel32

msimg32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 2KB - Virtual size: 141KB

.data Size: 202KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 2KB - Virtual size: 141KB

.data
Size: 202KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 4KB