1583eb515ed48232b88f41228e4ef758_JaffaCakes118

General

Target

1583eb515ed48232b88f41228e4ef758_JaffaCakes118
Size

182KB
MD5

1583eb515ed48232b88f41228e4ef758
SHA1

ae037b222f79890c7efd5de8c2acec14c16ffdbf
SHA256

4450d5b82cc3496cd346b6857b22dd2594af308de3f47abcf0883116385426a8
SHA512

2b156d7b375be0dd09c1ef80ee3e856f37384dac95b46b5cebcf3b3e0670c75ffa55088429f2bf7fa5049639848ef93caecb2a89877157ff2aa1f68fa6e737ab
SSDEEP

3072:uzGFkiN7wMeIzxtmugbR4GOBt9Iqu5Q6zN98FxN0wqmOMrq236stAoZdVqR5A/mE:EG9N7wMeIVMuuz0t9Iq4SxCEOMe2KILt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1583eb515ed48232b88f41228e4ef758_JaffaCakes118

Files

1583eb515ed48232b88f41228e4ef758_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bc6aef624f8760e86a10b5add0ae400

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

ReadFile
GetCPInfo
GetUserDefaultLCID
CloseHandle
Sleep
GetThreadPriority
GetCurrentThreadId
IsValidLocale
GetLocaleInfoW
DeleteCriticalSection
ExitProcess
GetModuleHandleA
UnhandledExceptionFilter
InitializeCriticalSection
SetUnhandledExceptionFilter
HeapSize
LCMapStringW
SetCommConfig
GetVersionExA
EnterCriticalSection
HeapAlloc
GetModuleFileNameW
GetConsoleOutputCP
EnumResourceNamesA
TerminateProcess
GetProcAddress
EnumSystemLocalesA
HeapReAlloc
RtlUnwind
SetStdHandle
RaiseException
GetProcessHeap
ExitProcess
CreateFileA
GlobalAlloc
LeaveCriticalSection
GetCurrentProcess
InterlockedIncrement
LCMapStringA
WideCharToMultiByte
GetCurrentDirectoryW
InterlockedDecrement
WriteFile
IsValidCodePage
GetFullPathNameW
WriteConsoleW
HeapFree
MultiByteToWideChar
GetLastError
IsDebuggerPresent
GetCommandLineA
SetEndOfFile
WriteConsoleA
GetFullPathNameA

ole32

CoCreateInstance
CoUninitialize
CoCreateGuid
CoInitialize
StringFromGUID2
CoSetProxyBlanket

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bc6aef624f8760e86a10b5add0ae400

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

shell32

rpcrt4

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 216KB