JaffaCakes118_67c31b83e83098964f5f43cb4aeef38c

General

Target

JaffaCakes118_67c31b83e83098964f5f43cb4aeef38c
Size

164KB
MD5

67c31b83e83098964f5f43cb4aeef38c
SHA1

0c48d64fcc5b8d95f9012516f674837b5eb54e78
SHA256

14947c5cf10a8cbcc0dedfa7e98d039f7fac473a10e15f771f5da29c33076d1a
SHA512

756471651c942ceeb2e80247bbc4b1c3e3a18f00679ae528ea14466cf8a6487df84b6f61c06f9a5c8bf4018a17d048c75b0d4921f134acec2579ca9ae8435db9
SSDEEP

3072:Ay11Z4oCZpZ+2/N3jCkwwyqN/GJ2KfJ0xVdUpLughILqY4cuGUXwdJyv:zr4C2/tjCk5yi/02bdUgdzJUXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_67c31b83e83098964f5f43cb4aeef38c

Files

JaffaCakes118_67c31b83e83098964f5f43cb4aeef38c
.exe windows:4 windows x86 arch:x86

c2c943e16a19786b8fd4cb895bba6e0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GlobalGetAtomNameA
GlobalAlloc
FindClose
GetFileAttributesW
LoadResource
GetModuleFileNameW
FileTimeToSystemTime
GetLocaleInfoW
GetLastError
DeleteCriticalSection
GetPrivateProfileStringW
GetVersion
GlobalLock
WritePrivateProfileStringW
GetCurrentDirectoryW
GetVersionExA
WaitForSingleObject
InterlockedIncrement
LoadLibraryW
FreeLibrary
lstrcmpW
WideCharToMultiByte
LoadLibraryExW
GlobalSize
GetTickCount
MultiByteToWideChar
GlobalFree
GetModuleHandleW
EnumResourceTypesA
LockResource
CloseHandle
lstrlenW
IsValidCodePage
FileTimeToLocalFileTime
GetProcAddress
GetPrivateProfileIntW
DeleteFileW
lstrcpynW
lstrcpyW
GetVersionExW
LoadLibraryA
Sleep
GetCurrentThreadId
InitializeCriticalSection
SetFileAttributesW
FindCloseChangeNotification
GlobalUnlock
FindNextChangeNotification
ResumeThread
MulDiv
FindResourceW
FindFirstChangeNotificationW
SetThreadPriority

shell32

SHIsFileAvailableOffline
SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExA
SHFileOperationW
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2c943e16a19786b8fd4cb895bba6e0e

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 2KB - Virtual size: 405KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 2KB - Virtual size: 405KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB