Static task: static1
Behavioral task: behavioral1
Sample: 293f2810dd1552c3e591ca77a8aa2548_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 293f2810dd1552c3e591ca77a8aa2548_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 293f2810dd1552c3e591ca77a8aa2548_JaffaCakes118
Size: 181KB
MD5: 293f2810dd1552c3e591ca77a8aa2548
SHA1: 74cea16f19df1e67c8f13559530e46f392e5dde6
SHA256: 48871b742b7a5decbf8282652a00c70d427bccaead669ab2a4ba72475649c7c9
SHA512: ca5e6d8b6bb564dd3b4d410c87602a85a50a27797670565f48dd6fe6c82d61b781c2944d1a5c2453ddc86ea81c85928b6309183b83deccb29070db32f5fa483a
SSDEEP: 3072:vu/FrTyBRsLjITLY1qepzNbM6DNg83WSuRJ4DLSf1V4g9iR4RTEjbkX27Vo:Gdfe+LjiovzZxFGzBf8RRj0X2h
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 293f2810dd1552c3e591ca77a8aa2548_JaffaCakes118
Files
293f2810dd1552c3e591ca77a8aa2548_JaffaCakes118.exe windows:4 windows x86 arch:x86
27ec8180d2fea48198e12a024000fbb5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW
shlwapi
SHDeleteKeyW
advapi32
RegCreateKeyExW
RegCloseKey
RegSetValueExW
user32
GetClassLongA
MessageBoxW
kernel32
WriteConsoleA
SetLastError
GetThreadPriority
GetEnvironmentStringsW
SetHandleCount
GetProcessHeap
GetModuleFileNameW
HeapCreate
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
FlushFileBuffers
LoadLibraryA
QueryPerformanceCounter
GetCommandLineA
InitializeCriticalSection
HeapFree
SetFilePointer
UnhandledExceptionFilter
TlsFree
GetConsoleCP
GetSystemTimeAsFileTime
GetStdHandle
LCMapStringW
GetCurrentThreadId
IsValidCodePage
GetStringTypeW
HeapReAlloc
MultiByteToWideChar
GetFileType
GetLastError
SetEndOfFile
CloseHandle
SetCommTimeouts
GetStringTypeA
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
FreeEnvironmentStringsW
GetVersionExA
GetLocaleInfoW
EnumResourceNamesA
GetProcAddress
HeapDestroy
VirtualAlloc
ReadFile
IsDebuggerPresent
VirtualFree
LCMapStringA
TerminateProcess
GetTickCount
EnumSystemLocalesA
ExitProcess
GetStartupInfoA
LeaveCriticalSection
ExitProcess
RaiseException
InterlockedIncrement
GetLocaleInfoA
GetCurrentProcess
SetStdHandle
GetCurrentDirectoryW
GetConsoleMode
GetEnvironmentStrings
GetConsoleOutputCP
IsValidLocale
TlsSetValue
HeapAlloc
CreateFileA
TlsGetValue
TlsAlloc
GetACP
HeapSize
WriteConsoleW
DeleteCriticalSection
GlobalAlloc
GetCurrentProcessId
GetUserDefaultLCID
WriteFile
EnterCriticalSection
GetFullPathNameW
Sleep
GetCPInfo
RtlUnwind
GetOEMCP
GetModuleFileNameA
GetFullPathNameA
rpcrt4
UuidCreate
ole32
CoInitialize
StringFromGUID2
CoCreateGuid
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
Sections
.text Size: 152KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ