JaffaCakes118_a6d5cb621e1b5788e3b63881f1c9a7ae

General

Target

JaffaCakes118_a6d5cb621e1b5788e3b63881f1c9a7ae
Size

168KB
MD5

a6d5cb621e1b5788e3b63881f1c9a7ae
SHA1

1432dd32c1438fd0ef27dd6a4d6300d416010495
SHA256

2262245b3a6625161f7ac8183ebb65d0b1e96617ba962c63b28dc256d4c65602
SHA512

520a7c6f1736bc2c7f744604eeec96e8c9782ed403ec5c0783a7c20a3d8e502c3102d64841bb031b2237c02f0cda884a3edce3fff7a55b30084d741c50c6e6ea
SSDEEP

3072:3z5WHsOQ8adZ2CVgULqn1CxBCHN06Hjo0r7HMkVj9fTsOO/:8MOteIeq1Cx2tjZ7HDj9ZO/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a6d5cb621e1b5788e3b63881f1c9a7ae

Files

JaffaCakes118_a6d5cb621e1b5788e3b63881f1c9a7ae
.exe windows:4 windows x86 arch:x86

92a9508df1715d98e73a2d6a40e41546

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
InterlockedIncrement
FindCloseChangeNotification
FindFirstChangeNotificationW
GetAtomNameA
GetFileAttributesW
FileTimeToLocalFileTime
lstrcmpW
GetLastError
SetFileAttributesW
GetVersion
FreeLibrary
DeleteCriticalSection
GlobalAlloc
FindNextChangeNotification
GetCurrentThreadId
GlobalFree
GetModuleFileNameW
GetProcAddress
FindFirstFileW
DeleteFileW
WritePrivateProfileStringW
FindResourceW
GetTickCount
MultiByteToWideChar
ResumeThread
lstrcpyW
FindClose
GlobalLock
GetLocaleInfoW
lstrlenW
EnumResourceTypesA
LoadLibraryA
WaitForSingleObject
GetCurrentDirectoryW
IsValidCodePage
WideCharToMultiByte
LoadLibraryExW
GetVersionExW
FileTimeToSystemTime
LoadLibraryW
GetPrivateProfileIntW
Sleep
CloseHandle
InitializeCriticalSection
LockResource
GlobalUnlock
GlobalSize
GetVersionExA
MulDiv
GetPrivateProfileStringW
lstrcpynW
GetModuleHandleW
SetThreadPriority

shell32

SHGetImageList
ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExA
SHFileOperationW
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteExW
SHGetPathFromIDListA
Shell_NotifyIconA

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92a9508df1715d98e73a2d6a40e41546

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 2KB - Virtual size: 397KB

.data Size: 88KB - Virtual size: 87KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 2KB - Virtual size: 397KB

.data
Size: 88KB - Virtual size: 87KB

.rsrc
Size: 512B - Virtual size: 4KB