07a6b04a0371717a0984cd233af08640_JaffaCakes118

General

Target

07a6b04a0371717a0984cd233af08640_JaffaCakes118
Size

187KB
MD5

07a6b04a0371717a0984cd233af08640
SHA1

82dca0aa211981c000bcd9c3b3118ed9ca050e35
SHA256

2e95fb7b203b28145344cc9a14839ab192492d5be9ddc9591307d28942b07ce7
SHA512

de56cf7a3fa7d0afb90579ff99b795d5024ddb5c8ba913fa82896724369695a8325bc097ba5f9a6f1781b96f55469e849e79497819872e949e52f5166207fa93
SSDEEP

3072:/62XHIP80WEWQs7Svj/8zXTiLERJODHez6xLMktlWG8OuG95jGVRaWo5Zqy5eDOW:/62XoxWQxvj/8zXTiGOD+6LM+lfSVRN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07a6b04a0371717a0984cd233af08640_JaffaCakes118

Files

07a6b04a0371717a0984cd233af08640_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58071909d2f07fc336180810caaac274

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

kernel32

GetCurrentDirectoryW
IsValidCodePage
ReadFile
IsDebuggerPresent
GetCPInfo
GetThreadPriority
HeapFree
WideCharToMultiByte
WriteConsoleA
LCMapStringW
EnterCriticalSection
EnumSystemLocalesA
HeapAlloc
TerminateProcess
MultiByteToWideChar
LeaveCriticalSection
SetEndOfFile
SetStdHandle
GetConsoleOutputCP
PurgeComm
CloseHandle
InterlockedDecrement
WriteConsoleW
UnhandledExceptionFilter
GetCommandLineA
EnumResourceNamesA
InitializeCriticalSection
GetCurrentProcess
RaiseException
Sleep
GetLocaleInfoW
GetCurrentThreadId
DeleteCriticalSection
HeapSize
GetProcessHeap
InterlockedIncrement
GetLastError
GetProcAddress
LCMapStringA
IsValidLocale
ExitProcess
GetModuleHandleA
GetFullPathNameW
SetUnhandledExceptionFilter
GlobalAlloc
HeapReAlloc
CreateFileA
GetModuleFileNameW
GetUserDefaultLCID
RtlUnwind
WriteFile
GetVersionExA
ExitProcess
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58071909d2f07fc336180810caaac274

Headers

File Characteristics

Imports

shell32

user32

rpcrt4

kernel32

advapi32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 31KB - Virtual size: 31KB

.crt Size: 512B - Virtual size: 88KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 31KB - Virtual size: 31KB

.crt
Size: 512B - Virtual size: 88KB