JaffaCakes118_7d54f09d2cd3220d3794dc738fbde3ae

General

Target

JaffaCakes118_7d54f09d2cd3220d3794dc738fbde3ae
Size

180KB
MD5

7d54f09d2cd3220d3794dc738fbde3ae
SHA1

130a3e621f60338da373d8dc2b812a4bd938113d
SHA256

278f84565d879538acce3295e0257515ec856ebba85cc5aade3ec6b8c4f09230
SHA512

0132849efe2008610130ff75258661f6a10b5babdb796558c309a215cb2b61467efd7dc672e9b1d4925d37bb3305e2cd6215bef39000c58dd0823c825a5f8b35
SSDEEP

3072:e/oHwqvsl1URuMthYIM2EfqsftIYkGJIurF0eTuVSPChNUmt+QYCZ5RsuT/:e/C0l14uS3ofJIurF0VVSKzUmt+hikur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7d54f09d2cd3220d3794dc738fbde3ae

Files

JaffaCakes118_7d54f09d2cd3220d3794dc738fbde3ae
.exe windows:4 windows x86 arch:x86

f35d10e6cbed4c916a25b11c3b26d9d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
lstrcpynW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
FindFirstFileW
GetCurrentThreadId
GlobalGetAtomNameA
InitializeCriticalSection
GlobalSize
GetTickCount
GlobalFree
CloseHandle
DeleteFileW
MultiByteToWideChar
lstrcmpW
MulDiv
FindNextChangeNotification
lstrlenW
WaitForSingleObject
FindFirstChangeNotificationW
WideCharToMultiByte
EnumResourceTypesA
lstrcpyW
GetFileAttributesW
LoadResource
GetPrivateProfileStringW
GetLastError
GlobalLock
LoadLibraryA
FindClose
GetVersion
InterlockedIncrement
GetProcAddress
IsValidCodePage
FileTimeToLocalFileTime
LoadLibraryExW
LoadLibraryW
WritePrivateProfileStringW
DeleteCriticalSection
GetCurrentDirectoryW
GetLocaleInfoW
GetVersionExW
LockResource
FindCloseChangeNotification
FreeLibrary
GlobalUnlock
GetVersionExA
GlobalAlloc
Sleep
SetFileAttributesW
ResumeThread
FileTimeToSystemTime
SetThreadPriority

shell32

SHIsFileAvailableOffline
SHGetFolderPathW
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExW
ShellExecuteExA
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
SHFileOperationW
Shell_NotifyIconA

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f35d10e6cbed4c916a25b11c3b26d9d0

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 94KB - Virtual size: 94KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 94KB - Virtual size: 94KB

.rsrc
Size: 512B - Virtual size: 4KB