JaffaCakes118_4e79c9ae11649a0e5e18190ac4e30ba0

General

Target

JaffaCakes118_4e79c9ae11649a0e5e18190ac4e30ba0
Size

109KB
MD5

4e79c9ae11649a0e5e18190ac4e30ba0
SHA1

22b03e1c50d1aecd4fe187359a7c9cf2885312e2
SHA256

a94679abfdfb1b8dced9dc505d5129415ed5eb4dfa6a399d34969baa4eb2b596
SHA512

9041b9324d3bba26a4e32934509177c55fe65496640fd67647b98b17e5a3d9ff759f0bc5e952d23113c2eac0bdfa718384c6f01c08a89c58e1df00e13215cf96
SSDEEP

1536:ulGxjm/jYnpAWfB4M5tAeNoR7SV7VyozjkoD60CS0BeRUZMbWgcIo0HGHZRxA6Ji:OGxmAAYfD87c3goGMNqbIoWwA3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4e79c9ae11649a0e5e18190ac4e30ba0

Files

JaffaCakes118_4e79c9ae11649a0e5e18190ac4e30ba0
.exe windows:4 windows x86 arch:x86

d3b85502547e5b3a8e029733e772ae60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
GetFileAttributesA
Sleep
GetCommandLineA
WriteConsoleW
GetModuleHandleA
GetStartupInfoA
VirtualQueryEx
CopyFileA
lstrlenW
HeapDestroy
AddAtomW
WriteConsoleW
WriteConsoleW
lstrcpyA
VirtualProtect
SetEvent
GetDriveTypeW
CancelIo
GetPrivateProfileSectionW
GetProcessHeap

mmcndmgr

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllRegisterServer

uxtheme

GetThemeColor
GetThemeTextMetrics
DrawThemeEdge
SetWindowTheme
GetThemeBool
CloseThemeData
GetThemeSysSize
GetThemeTextExtent
CloseThemeData
OpenThemeData
GetWindowTheme
IsThemeActive
DrawThemeBackground

Sections

.text
Size: 1024B - Virtual size: 855B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 83B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.export
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3b85502547e5b3a8e029733e772ae60

Headers

File Characteristics

Imports

kernel32

mmcndmgr

uxtheme

Sections

.text Size: 1024B - Virtual size: 855B

.data Size: 2KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 274B

.rsrc Size: 103KB - Virtual size: 103KB

.rdata Size: 512B - Virtual size: 83B

.export Size: 512B - Virtual size: 112B

.text
Size: 1024B - Virtual size: 855B

.data
Size: 2KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 274B

.rsrc
Size: 103KB - Virtual size: 103KB

.rdata
Size: 512B - Virtual size: 83B

.export
Size: 512B - Virtual size: 112B