fb34855b4d25f6d0b5e9cf19333c2567_JaffaCakes118

General

Target

fb34855b4d25f6d0b5e9cf19333c2567_JaffaCakes118
Size

179KB
MD5

fb34855b4d25f6d0b5e9cf19333c2567
SHA1

76adab16924d612346c0d328bce496be8086ceb8
SHA256

630687176413d8e68dec7840c3c88e1f7a65f8cd6d402f887591b76bf6465d35
SHA512

3e9ea5c5d08eb80c3d32ef7c7574ce88b872447142303bef0f63248c90513f57a8a90a1ed2625a91e86ce8e5e6385bba6d7884b1ae780f9244d941e82dcf60e8
SSDEEP

3072:H/1Y3dTmqeHrJ8rMG9gdy56SineLakifm510IeEUpZ8+SQMqJAK0V:9Y3YqeHrg2sOneLamjcJ/8+SQMsAv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb34855b4d25f6d0b5e9cf19333c2567_JaffaCakes118

Files

fb34855b4d25f6d0b5e9cf19333c2567_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3543d56dba80b60f7da95edc8855224a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetWindowsDirectoryA
FindClose
FlushInstructionCache
GetPrivateProfileStringA
DeleteFileA
GetProcAddress
FindNextFileA
GetModuleHandleA
WriteFile
GlobalAlloc
EnumResourceNamesW
MulDiv
ReadFile
FindFirstFileA
WaitForSingleObject
LoadLibraryExA
SetupComm
GetExitCodeProcess
MultiByteToWideChar
SetFilePointer
WritePrivateProfileStringA
GlobalFree

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoTaskMemFree

rpcrt4

NdrComplexArrayFree
UuidCreate

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

shell32

SHGetFileInfoA
SHBrowseForFolderA
SHFileOperationA
SHGetSpecialFolderLocation
ShellExecuteA
SHGetPathFromIDListA

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3543d56dba80b60f7da95edc8855224a

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

rpcrt4

version

comctl32

shell32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 65KB

.reloc Size: 1024B - Virtual size: 112KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 65KB

.reloc
Size: 1024B - Virtual size: 112KB