21ec718ab5c0105821604f3afb8648bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21ec718ab5c0105821604f3afb8648bd_JaffaCakes118
Size

172KB
MD5

21ec718ab5c0105821604f3afb8648bd
SHA1

c9cb1be8e04fc0e7e900ee4a322d0bd3814c8dae
SHA256

5a0fbd0d2af0975dce7b228006f80dff9b062fc1283fa364121deff654301fbf
SHA512

0574fdb7ca92824776bb70a9d7732743cc0a3bc3c145c0dcfdc817323a7cba2b7d939a8de300874a6da7d0127723ed3ea73d766bed03d9eb92f607fdaed094f7
SSDEEP

3072:JGSuGMwq/LmouCrPnqAJ4R8MDIuOmDZbVe9E/StnichrkqhlgjHqbd6ay:JU9wkmRonqAJ08pEc+/EnzhrkeGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21ec718ab5c0105821604f3afb8648bd_JaffaCakes118

Files

21ec718ab5c0105821604f3afb8648bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0eed86ccf09694eca5455a4a32a2648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CoSetProxyBlanket

user32

GetClassLongA
MessageBoxW

shlwapi

SHDeleteKeyW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

ReadFile
GetCurrentProcess
WriteConsoleW
TlsSetValue
GetFullPathNameW
GetFileType
SetUnhandledExceptionFilter
WriteConsoleA
GetThreadPriority
HeapSize
GetTickCount
GetVersionExA
GetConsoleMode
IsDebuggerPresent
GetConsoleOutputCP
GetProcessHeap
RaiseException
EnumSystemLocalesA
TlsGetValue
SetCommTimeouts
SetLastError
GetModuleFileNameW
GlobalAlloc
GetEnvironmentStrings
GetCurrentProcessId
GetStartupInfoA
TerminateProcess
GetModuleHandleA
FreeEnvironmentStringsA
VirtualAlloc
GetLocaleInfoA
GetCPInfo
EnterCriticalSection
GetCommandLineA
GetLocaleInfoW
GetCurrentDirectoryW
HeapReAlloc
ExitProcess
SetHandleCount
Sleep
EnumResourceNamesA
RtlUnwind
SetEndOfFile
WideCharToMultiByte
TlsFree
GetProcAddress
HeapAlloc
LCMapStringA
CreateFileA
CloseHandle
HeapDestroy
VirtualFree
GetSystemTimeAsFileTime
InterlockedIncrement
GetOEMCP
SetStdHandle
WriteFile
GetModuleFileNameA
GetStringTypeW
InterlockedDecrement
HeapFree
GetConsoleCP
MultiByteToWideChar
IsValidCodePage
FlushFileBuffers
GetStdHandle
LoadLibraryA
InitializeCriticalSection
GetStringTypeA
ExitProcess
TlsAlloc
LeaveCriticalSection
GetCurrentThreadId
HeapCreate
IsValidLocale
GetEnvironmentStringsW
LCMapStringW
UnhandledExceptionFilter
QueryPerformanceCounter
SetFilePointer
GetACP
GetUserDefaultLCID
GetLastError
DeleteCriticalSection
FreeEnvironmentStringsW
GetFullPathNameA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0eed86ccf09694eca5455a4a32a2648

Headers

File Characteristics

Imports

ole32

user32

shlwapi

advapi32

kernel32

shell32

rpcrt4

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 17KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 17KB

.crt
Size: 512B - Virtual size: 68KB