1a0661951b15e56ab955630456df534c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a0661951b15e56ab955630456df534c_JaffaCakes118
Size

184KB
MD5

1a0661951b15e56ab955630456df534c
SHA1

aec36c76094a8201006722d717873c4b37bbdef4
SHA256

cb6e71f5ef516f76189d005cd6ab59525051bf536afdaff4d9f4944663b40ef2
SHA512

b84a1779831649504cbbfbfe10307b63f99e575fe35ba49d2d40935dd4c92b553848a6bbeadda5e81ec9c5d96639a3b6c77f828808da9b5af5876a7c3d4348dd
SSDEEP

3072:EvdvfZNetsWJeH+ivpkz88fx2DNgCvLPL8caMBIeVLE1SNGlGmCiep1KZ/kGUE3m:CTIeeekzlxuNgC/HfclL44/kG+8S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a0661951b15e56ab955630456df534c_JaffaCakes118

Files

1a0661951b15e56ab955630456df534c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90c3639ee2c0e8a642048d4c8778800f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

ole32

CoUninitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoInitialize
CoSetProxyBlanket

kernel32

QueryPerformanceCounter
InterlockedDecrement
WriteConsoleW
GetThreadPriority
HeapDestroy
GetCurrentThreadId
GetModuleHandleA
MultiByteToWideChar
TerminateProcess
GetCommandLineA
GetCPInfo
GetConsoleCP
RaiseException
GetUserDefaultLCID
GetFullPathNameW
GetProcAddress
InterlockedIncrement
EnterCriticalSection
GetStringTypeA
SetCommTimeouts
FlushFileBuffers
GetCurrentProcess
CreateFileA
HeapCreate
GetACP
SetHandleCount
GetVersionExA
GetStringTypeW
GetStdHandle
GetConsoleMode
WriteConsoleA
GetLocaleInfoW
GlobalAlloc
GetConsoleOutputCP
FreeEnvironmentStringsW
EnumResourceNamesA
IsValidLocale
HeapAlloc
LCMapStringA
GetCurrentDirectoryW
LCMapStringW
DeleteCriticalSection
GetCurrentProcessId
GetFileType
IsDebuggerPresent
GetModuleFileNameW
ReadFile
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStrings
EnumSystemLocalesA
SetEndOfFile
FreeEnvironmentStringsA
HeapFree
UnhandledExceptionFilter
GetEnvironmentStringsW
RtlUnwind
Sleep
CloseHandle
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsSetValue
IsValidCodePage
ExitProcess
LoadLibraryA
GetTickCount
TlsAlloc
WideCharToMultiByte
ExitProcess
WriteFile
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
VirtualFree
TlsGetValue
SetStdHandle
TlsFree
GetLastError
LeaveCriticalSection
InitializeCriticalSection
SetLastError
GetProcessHeap
SetFilePointer
GetOEMCP
HeapSize
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90c3639ee2c0e8a642048d4c8778800f

Headers

File Characteristics

Imports

shlwapi

shell32

rpcrt4

ole32

kernel32

user32

advapi32

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 20KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 20KB

.crt
Size: 512B - Virtual size: 216KB