289e5786d9190ca9d3f5839b1e7ef18a_JaffaCakes118

General

Target

289e5786d9190ca9d3f5839b1e7ef18a_JaffaCakes118
Size

174KB
MD5

289e5786d9190ca9d3f5839b1e7ef18a
SHA1

4b403eb19136ef97c8664501c9de89859e3a6a90
SHA256

d4cf78640e7a48b63efcadbc457ebe6cbfdedc9611dd6b3beb38397614d3a23a
SHA512

a190ec425639535d50fdd6e7519de712cff27e4d750f289a4c7b6446f0594ddb992e89cb6c5c0fae458f21282cf1e3f4da5330349122d888d0b265f39f99e836
SSDEEP

3072:n1ffyY/sjk6mqjXLWiSwLvFoV7GruLFxeS3nE9gQ4xdzxzI2txmXh:nx7sLjXL7SsvA0uLFsS3ZQ4bzxzIx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289e5786d9190ca9d3f5839b1e7ef18a_JaffaCakes118

Files

289e5786d9190ca9d3f5839b1e7ef18a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e9fad627c1aa26d46638af0f1e89f09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassLongA
MessageBoxW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

ole32

CoUninitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoInitialize
CoSetProxyBlanket

kernel32

HeapFree
WriteConsoleW
CreateFileA
LeaveCriticalSection
GetModuleHandleA
GetProcAddress
InterlockedIncrement
IsDebuggerPresent
GetThreadPriority
RaiseException
EnterCriticalSection
GetConsoleOutputCP
SetStdHandle
HeapReAlloc
WideCharToMultiByte
EnumSystemLocalesA
RtlUnwind
LCMapStringA
GetModuleFileNameW
HeapSize
SetCommConfig
SetUnhandledExceptionFilter
EnumResourceNamesA
IsValidCodePage
ExitProcess
GetCPInfo
MultiByteToWideChar
IsValidLocale
Sleep
GetFullPathNameW
GetCurrentDirectoryW
GetCurrentProcess
TerminateProcess
GetVersionExA
LCMapStringW
DeleteCriticalSection
GetUserDefaultLCID
SetEndOfFile
ExitProcess
ReadFile
UnhandledExceptionFilter
CloseHandle
GetLocaleInfoW
WriteConsoleA
GetCurrentThreadId
InitializeCriticalSection
WriteFile
GetCommandLineA
GetLastError
InterlockedDecrement
HeapAlloc
GlobalAlloc
GetProcessHeap
GetFullPathNameA

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e9fad627c1aa26d46638af0f1e89f09

Headers

File Characteristics

Imports

user32

advapi32

shell32

rpcrt4

ole32

kernel32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 28KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 28KB

.crt
Size: 512B - Virtual size: 212KB