ffd254ddf7f55f149acab7824f27d621_JaffaCakes118

General

Target

ffd254ddf7f55f149acab7824f27d621_JaffaCakes118
Size

167KB
MD5

ffd254ddf7f55f149acab7824f27d621
SHA1

b37747addd61c4588d4cab97769948d2737f5f7c
SHA256

c6450e62fa572741385f5b79553d85d3a8730e2a2834c522ecd1b115cda3d974
SHA512

7abe2a2be68abe79c536e6223e71867b8de09c254f018814a4a9c14f917684af3f615830e291b206797566f4c71fdaec06d1d889d910f57294bc75f152631806
SSDEEP

3072:CTDBnOk+Ss1eEDRIxi/xyb7guBKPsjEqSlcPq/XIMg4ZFQh2CMoKY:CPBOkNeexpUPwEqSepMg4ZOh2PoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd254ddf7f55f149acab7824f27d621_JaffaCakes118

Files

ffd254ddf7f55f149acab7824f27d621_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15c2411c5f954f8ab0e525cea5d380a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsValidCodePage
GetModuleFileNameW
GetThreadPriority
GetModuleHandleA
SetUnhandledExceptionFilter
HeapReAlloc
UnhandledExceptionFilter
LCMapStringA
MultiByteToWideChar
WriteFile
GetCurrentDirectoryW
PurgeComm
GetProcessHeap
GetVersionExA
GetCPInfo
HeapAlloc
InitializeCriticalSection
IsValidLocale
DeleteCriticalSection
HeapSize
HeapFree
InterlockedDecrement
LeaveCriticalSection
EnumResourceNamesA
GetCurrentProcess
IsDebuggerPresent
CreateFileA
SetEndOfFile
RaiseException
GetLastError
InterlockedIncrement
EnumSystemLocalesA
GlobalAlloc
EnterCriticalSection
Sleep
ExitProcess
GetCommandLineA
GetConsoleOutputCP
WriteConsoleA
RtlUnwind
GetLocaleInfoW
GetProcAddress
CloseHandle
WriteConsoleW
ExitProcess
GetUserDefaultLCID
GetCurrentThreadId
GetFullPathNameW
ReadFile
WideCharToMultiByte
LCMapStringW
TerminateProcess
SetStdHandle
GetFullPathNameA

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15c2411c5f954f8ab0e525cea5d380a5

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

user32

shell32

Sections

.text Size: 137KB - Virtual size: 136KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 26KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 137KB - Virtual size: 136KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 26KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 72KB