28525c7a32166d7ef4be77cbbce21218_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28525c7a32166d7ef4be77cbbce21218_JaffaCakes118
Size

185KB
MD5

28525c7a32166d7ef4be77cbbce21218
SHA1

6b2382ef49bd64a9b544d8040d8cc34eefd7e533
SHA256

2ef837041acb3666ad3392204b7886e69423dc212f46659ad67bc152f44c54f0
SHA512

9b284bd41e5d1179e43d3424b1db1de60a5703bc604fd51b82827891ca9b8f3c0c5e2535cbe3691c0b77b46ae54ceb2278ae30fc7acebc9d2f481b6ae6dbe202
SSDEEP

3072:kLHECeIdBbtve6obdue87pXuLEupwb4DNyWRPNVKNnd5gSzXx9D2W1plcnV2SCU:ELVneJUpUx6biLPNYNn/zxZzplcnhC5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28525c7a32166d7ef4be77cbbce21218_JaffaCakes118

Files

28525c7a32166d7ef4be77cbbce21218_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15670510d200222eb8ba783615317c04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

ole32

CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
StringFromGUID2
CoSetProxyBlanket

kernel32

HeapCreate
HeapFree
GetThreadPriority
TlsFree
GetCurrentProcess
GetStringTypeA
GetCurrentDirectoryW
DeleteCriticalSection
SetUnhandledExceptionFilter
FlushFileBuffers
WriteConsoleA
GetConsoleMode
GetProcAddress
GetConsoleCP
InterlockedDecrement
WriteFile
WriteConsoleW
WideCharToMultiByte
TlsAlloc
GetStartupInfoA
TlsGetValue
CloseHandle
SetFilePointer
CreateFileA
GetLastError
SetCommTimeouts
GetModuleFileNameA
GetLocaleInfoA
LeaveCriticalSection
GetEnvironmentStringsW
SetHandleCount
GetSystemTimeAsFileTime
EnumSystemLocalesA
IsValidCodePage
GetLocaleInfoW
LCMapStringW
GetFullPathNameW
GlobalAlloc
GetProcessHeap
GetConsoleOutputCP
VirtualAlloc
GetTickCount
IsValidLocale
FreeEnvironmentStringsA
InterlockedIncrement
EnumResourceNamesA
GetVersionExA
GetCPInfo
TlsSetValue
EnterCriticalSection
RaiseException
VirtualFree
MultiByteToWideChar
UnhandledExceptionFilter
ExitProcess
GetStringTypeW
HeapAlloc
QueryPerformanceCounter
GetCurrentThreadId
LoadLibraryA
GetACP
HeapDestroy
GetModuleFileNameW
RtlUnwind
SetStdHandle
ReadFile
InitializeCriticalSection
TerminateProcess
FreeEnvironmentStringsW
SetEndOfFile
GetStdHandle
LCMapStringA
IsDebuggerPresent
GetModuleHandleA
HeapReAlloc
SetLastError
GetOEMCP
GetCurrentProcessId
ExitProcess
HeapSize
Sleep
GetUserDefaultLCID
GetCommandLineA
GetFileType
GetEnvironmentStrings
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

SHDeleteKeyW

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15670510d200222eb8ba783615317c04

Headers

File Characteristics

Imports

shell32

user32

rpcrt4

ole32

kernel32

advapi32

shlwapi

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 19KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 19KB

.crt
Size: 512B - Virtual size: 216KB