d4b92584e58e5cddd62081ab7f46bcc8_JaffaCakes118

General

Target

d4b92584e58e5cddd62081ab7f46bcc8_JaffaCakes118
Size

186KB
MD5

d4b92584e58e5cddd62081ab7f46bcc8
SHA1

74407ca367afb0e1cdc5a1218ea97a69a30b59d0
SHA256

cf6bf3538ecfcb163be8e124a73540604731b246f8d15fa4ffab184edd539b2d
SHA512

6be0a4542def4cf1f82300c7f2fbb071918ea038f5127d26061159019b369296a8ac104181d20b50486de5fbe95ca8dc436d6bcf4e032c48f3e0aa9586e3c0ac
SSDEEP

3072:UAD1/iHffLvRJwIdlznF6A1gFMHDxVXT9nE3TVd:UAD1/gffbv1JDFOV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4b92584e58e5cddd62081ab7f46bcc8_JaffaCakes118

Files

d4b92584e58e5cddd62081ab7f46bcc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65a84e6010bd120526edea1717bb9ca5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoMarshalHresult
CoCreateInstance
CoRegisterClassObject
StringFromGUID2
CoTaskMemFree
GetRunningObjectTable
CLSIDFromString
CreateStreamOnHGlobal
StringFromCLSID
CoUninitialize
CoInitialize
CoRevokeClassObject
CoFreeUnusedLibraries
CoInitializeEx
CreateItemMoniker
CoTaskMemAlloc

kernel32

QueryMemoryResourceNotification
InterlockedIncrement
GetTempPathW
GetModuleFileNameW
CloseHandle
CreateFileA
DisableThreadLibraryCalls
GetModuleFileNameA
LocalAlloc
SetFileAttributesW
DeleteFileA
WideCharToMultiByte
lstrlenA
GetVersionExA
GetCurrentDirectoryW
FreeLibrary
GetExitCodeThread
ReadFile
GetFileSize
GetFileAttributesW
FindNextFileA
FindFirstFileW
lstrcmpA
CopyFileA
EnumResourceTypesW
DeleteFileW
SetErrorMode
GetTempPathA
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
GetLastError
FindNextFileW
LocalFree
WaitForSingleObject
GetTempFileNameW
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryW
InterlockedDecrement
GetTempFileNameA

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65a84e6010bd120526edea1717bb9ca5

Headers

File Characteristics

Imports

gdiplus

ole32

kernel32

Sections

.text Size: 114KB - Virtual size: 113KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 68KB

.reloc Size: 1024B - Virtual size: 104KB

.text
Size: 114KB - Virtual size: 113KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 68KB

.reloc
Size: 1024B - Virtual size: 104KB