JaffaCakes118_40c8301a18c687f1c060d748fb977d8a

General

Target

JaffaCakes118_40c8301a18c687f1c060d748fb977d8a
Size

274KB
MD5

40c8301a18c687f1c060d748fb977d8a
SHA1

5d882ed9f783e1cbf7c1bcc9bbaac38a7f35b0d7
SHA256

1bc8e75937ee55c4b997462a9543cee56a3a165b033ea8ab93a86b5dc0b2e4db
SHA512

cfb802b3b83c2c71ae6fe9b6d1fcadcb1faf645229ec56051c20453c3272daeeb9926687e099cf159651dd4e9fa14b89069a7dfec85580a069833b56123e1116
SSDEEP

6144:GchI6ON74WG8VjfCIutft8dhMCGDwTC6nYPyMt3L+0bhQ2z8O2S:Hibxm8c9idhMCGGCWLMtzhGO2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_40c8301a18c687f1c060d748fb977d8a

Files

JaffaCakes118_40c8301a18c687f1c060d748fb977d8a
.exe windows:4 windows x86 arch:x86

de211e813f25c4f6b4f3ac639d0b73d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
FreeLibrary
LockResource
CloseHandle
InterlockedIncrement
ResumeThread
GlobalGetAtomNameA
GetModuleFileNameW
MultiByteToWideChar
LoadLibraryA
lstrcpynW
GetCurrentDirectoryW
lstrcpyW
GetProcAddress
FindNextChangeNotification
FileTimeToLocalFileTime
InitializeCriticalSection
GlobalAlloc
DeleteCriticalSection
GetPrivateProfileStringW
Sleep
DeleteFileW
GetVersionExA
LoadLibraryExW
EnumResourceTypesA
GetVersionExW
WaitForSingleObject
GlobalSize
FindFirstFileW
GlobalLock
FindFirstChangeNotificationW
FileTimeToSystemTime
LoadResource
GetLastError
lstrcmpW
IsValidCodePage
GetCurrentThreadId
FindClose
GetPrivateProfileIntW
WritePrivateProfileStringW
SetFileAttributesW
GetLocaleInfoW
FindCloseChangeNotification
GetTickCount
GetFileAttributesW
GlobalUnlock
MulDiv
LoadLibraryW
GlobalFree
GetVersion
GetModuleHandleW
FindResourceW
lstrlenW
SetThreadPriority

shell32

SHIsFileAvailableOffline
SHGetPathFromIDListA
SHFileOperationW
ShellExecuteExA
SHBrowseForFolderA
SHGetFileInfoA
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
Shell_NotifyIconA

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de211e813f25c4f6b4f3ac639d0b73d5

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 2KB - Virtual size: 137KB

.data Size: 156KB - Virtual size: 155KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 2KB - Virtual size: 137KB

.data
Size: 156KB - Virtual size: 155KB

.rsrc
Size: 512B - Virtual size: 4KB