f4c94961b25725596cfac83ca2385b62_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4c94961b25725596cfac83ca2385b62_JaffaCakes118
Size

185KB
MD5

f4c94961b25725596cfac83ca2385b62
SHA1

49adfba5e2badf98b92af38bc896f758c82cd3bf
SHA256

e37ecd3a02b6ec838500ce01bc5709717c2ca74b46f4b74fbd4aeb67eed8a5fa
SHA512

ddc2bf4a55c579dccc033a964514f801b2083af6fcb064bda15020742f81551642efdd4bbd02bbfa2e36fbd20387e60c06c29f75eef44b34a73623349c1a993a
SSDEEP

3072:kLHECeIdBbtve6obdue87pXuLEupwb4DNyWRPNVKNnd5gSzXx9D2W1plcnV2SCU:ELVneJUpUx6biLPNYNn/zxZzplcnhC5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4c94961b25725596cfac83ca2385b62_JaffaCakes118

Files

f4c94961b25725596cfac83ca2385b62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15670510d200222eb8ba783615317c04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

ole32

CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
StringFromGUID2
CoSetProxyBlanket

kernel32

HeapCreate
HeapFree
GetThreadPriority
TlsFree
GetCurrentProcess
GetStringTypeA
GetCurrentDirectoryW
DeleteCriticalSection
SetUnhandledExceptionFilter
FlushFileBuffers
WriteConsoleA
GetConsoleMode
GetProcAddress
GetConsoleCP
InterlockedDecrement
WriteFile
WriteConsoleW
WideCharToMultiByte
TlsAlloc
GetStartupInfoA
TlsGetValue
CloseHandle
SetFilePointer
CreateFileA
GetLastError
SetCommTimeouts
GetModuleFileNameA
GetLocaleInfoA
LeaveCriticalSection
GetEnvironmentStringsW
SetHandleCount
GetSystemTimeAsFileTime
EnumSystemLocalesA
IsValidCodePage
GetLocaleInfoW
LCMapStringW
GetFullPathNameW
GlobalAlloc
GetProcessHeap
GetConsoleOutputCP
VirtualAlloc
GetTickCount
IsValidLocale
FreeEnvironmentStringsA
InterlockedIncrement
EnumResourceNamesA
GetVersionExA
GetCPInfo
TlsSetValue
EnterCriticalSection
RaiseException
VirtualFree
MultiByteToWideChar
UnhandledExceptionFilter
ExitProcess
GetStringTypeW
HeapAlloc
QueryPerformanceCounter
GetCurrentThreadId
LoadLibraryA
GetACP
HeapDestroy
GetModuleFileNameW
RtlUnwind
SetStdHandle
ReadFile
InitializeCriticalSection
TerminateProcess
FreeEnvironmentStringsW
SetEndOfFile
GetStdHandle
LCMapStringA
IsDebuggerPresent
GetModuleHandleA
HeapReAlloc
SetLastError
GetOEMCP
GetCurrentProcessId
ExitProcess
HeapSize
Sleep
GetUserDefaultLCID
GetCommandLineA
GetFileType
GetEnvironmentStrings
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

SHDeleteKeyW

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15670510d200222eb8ba783615317c04

Headers

File Characteristics

Imports

shell32

user32

rpcrt4

ole32

kernel32

advapi32

shlwapi

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 19KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 19KB

.crt
Size: 512B - Virtual size: 216KB