25b4b3ae0da879717ed7db6d38ba0a87_JaffaCakes118

General

Target

25b4b3ae0da879717ed7db6d38ba0a87_JaffaCakes118
Size

177KB
MD5

25b4b3ae0da879717ed7db6d38ba0a87
SHA1

c3985fde64020df3f32320cc4de5905a1768ff67
SHA256

add78e22b52018c6881a0c04d4a771e62abe72882073582455fe924bd1d54349
SHA512

0550bd5b6b838f9c10581d9a334518ba1160b99966721bed4f3faaf0f2d70b598c9e03cd529605ce8c9c47277b665ed61d866729a43eab6b0937deae694933d8
SSDEEP

3072:LdsZxu50zWohzAdnN3tWVsMa1fWCqyz8Jbnifei1X//Ut2LWWQNJKmZ1rqwuRh:pqvzR5ALtI9a9WChzAbnUeQ/Mu0NY+bE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25b4b3ae0da879717ed7db6d38ba0a87_JaffaCakes118

Files

25b4b3ae0da879717ed7db6d38ba0a87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdccd9f77ba440776465eaf65fbcb20d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

kernel32

GetThreadPriority
IsDebuggerPresent
EnumSystemLocalesA
GetCPInfo
GetVersionExA
LCMapStringW
RtlUnwind
GetCurrentThreadId
GetLastError
RaiseException
GetLocaleInfoW
CloseHandle
InterlockedIncrement
MultiByteToWideChar
GetModuleHandleA
GetFullPathNameW
SetStdHandle
GetProcessHeap
PurgeComm
LCMapStringA
TerminateProcess
HeapReAlloc
EnumResourceNamesA
GetConsoleOutputCP
GetUserDefaultLCID
ExitProcess
InterlockedDecrement
SetUnhandledExceptionFilter
IsValidLocale
GlobalAlloc
IsValidCodePage
CreateFileA
InitializeCriticalSection
LeaveCriticalSection
Sleep
HeapSize
SetEndOfFile
GetCurrentProcess
HeapAlloc
GetCurrentDirectoryW
ExitProcess
UnhandledExceptionFilter
ReadFile
GetModuleFileNameW
EnterCriticalSection
DeleteCriticalSection
GetCommandLineA
WriteFile
HeapFree
WriteConsoleA
WideCharToMultiByte
GetProcAddress
WriteConsoleW
GetFullPathNameA

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdccd9f77ba440776465eaf65fbcb20d

Headers

File Characteristics

Imports

user32

rpcrt4

shell32

kernel32

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 29KB - Virtual size: 28KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 29KB - Virtual size: 28KB

.crt
Size: 512B - Virtual size: 348KB