33dbdad9795826824d9438ae0e641875_JaffaCakes118

General

Target

33dbdad9795826824d9438ae0e641875_JaffaCakes118
Size

173KB
MD5

33dbdad9795826824d9438ae0e641875
SHA1

c67d60a939db90419215b3d5e7535ec782011a7f
SHA256

c70f47bb4489a4970a6c11d1f79d90b2909344b659725caf9e5dc922f3d15c4f
SHA512

97d8a61e3aae89dec9a015041d33e279ad449f1268cca64cf0f074a7e5fb2aa482ae77b680d4edc52d5296b8b144967e1752af58309413bc99f13a029f3b22d7
SSDEEP

3072:Uwo9xcNnGz8ksc3P5Rdur4LFljjaaYq05lGgC91upEF2dJZ9yfSNQy+E:3Cxy7Vc3P5u8LPe/+1OjZ9yK6yj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33dbdad9795826824d9438ae0e641875_JaffaCakes118

Files

33dbdad9795826824d9438ae0e641875_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cb87ebf89fddfa1f092db39834fc79f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentDirectoryW
LCMapStringA
WriteConsoleA
GetCommandLineA
GetLocaleInfoW
GetCurrentThreadId
WriteFile
GetThreadPriority
TerminateProcess
RaiseException
CreateFileA
IsValidLocale
GetProcessHeap
DeleteCriticalSection
RtlUnwind
HeapAlloc
LCMapStringW
SetupComm
Sleep
GetConsoleOutputCP
SetEndOfFile
MultiByteToWideChar
CloseHandle
GetVersionExA
GetCurrentProcess
EnumSystemLocalesA
HeapFree
GetProcAddress
SetStdHandle
EnumResourceNamesA
IsDebuggerPresent
WriteConsoleW
GetCPInfo
InitializeCriticalSection
ExitProcess
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
UnhandledExceptionFilter
EnterCriticalSection
GetModuleFileNameW
ExitProcess
InterlockedDecrement
GetLastError
SetUnhandledExceptionFilter
LeaveCriticalSection
GetFullPathNameW
HeapReAlloc
GetUserDefaultLCID
ReadFile
InterlockedIncrement
HeapSize
IsValidCodePage
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

user32

GetAncestor
MessageBoxW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cb87ebf89fddfa1f092db39834fc79f

Headers

File Characteristics

Imports

kernel32

shell32

rpcrt4

user32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 28KB - Virtual size: 27KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 28KB - Virtual size: 27KB

.crt
Size: 512B - Virtual size: 216KB