384baeafdaff456e801030ec2a850165_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

384baeafdaff456e801030ec2a850165_JaffaCakes118
Size

166KB
MD5

384baeafdaff456e801030ec2a850165
SHA1

3e04b4596219154b3953f7f7ae67f67170779c8d
SHA256

9980f9dbe51e7629ee6d2b3a40c4d345b349624636b112d80528d3e0761736f8
SHA512

dc1cc131807fd2d9047686b0c8ebab047d03aa8bef002e407ec9ab89e612583bff491796ae62d25dc4278b0b8a8b51b5052219747536a1832e0f8b13ce296105
SSDEEP

3072:M5ztNWKX32uEpqh9PV3ZBPPe4VZrdB9/a2cUFoEeOL1SEwYNhO:azbH2zp09JzZrFVxlHT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
384baeafdaff456e801030ec2a850165_JaffaCakes118

Files

384baeafdaff456e801030ec2a850165_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e33b75c819cca9705e08757d75e04db3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoUninitialize
StringFromGUID2
CoInitialize
CoCreateGuid
CoSetProxyBlanket

rpcrt4

UuidCreate

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

SetFilePointer
TlsFree
GetProcAddress
RaiseException
HeapSize
HeapDestroy
HeapReAlloc
TerminateProcess
WriteConsoleW
VirtualAlloc
FlushFileBuffers
EnumSystemLocalesA
WriteConsoleA
LCMapStringA
GetThreadPriority
GetModuleHandleA
GetSystemTimeAsFileTime
GetStringTypeA
EnterCriticalSection
GlobalAlloc
InterlockedIncrement
ExitProcess
GetProcessHeap
GetModuleFileNameA
FreeEnvironmentStringsW
IsValidLocale
WriteFile
GetCurrentThreadId
SetCommTimeouts
GetEnvironmentStrings
ReadFile
InitializeCriticalSection
LoadLibraryA
IsValidCodePage
GetStdHandle
TlsAlloc
GetStartupInfoA
GetCurrentDirectoryW
IsDebuggerPresent
TlsSetValue
GetACP
QueryPerformanceCounter
Sleep
CloseHandle
FreeEnvironmentStringsA
DeleteCriticalSection
SetHandleCount
EnumResourceNamesA
GetUserDefaultLCID
GetModuleFileNameW
LeaveCriticalSection
LCMapStringW
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
SetEndOfFile
GetTickCount
GetConsoleCP
GetCurrentProcess
GetOEMCP
GetConsoleOutputCP
ExitProcess
RtlUnwind
GetLocaleInfoW
SetStdHandle
InterlockedDecrement
GetVersionExA
GetConsoleMode
GetCurrentProcessId
UnhandledExceptionFilter
GetFileType
GetFullPathNameW
GetLocaleInfoA
VirtualFree
HeapFree
CreateFileA
SetLastError
TlsGetValue
HeapCreate
GetCommandLineA
HeapAlloc
GetStringTypeW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetLastError
GetFullPathNameA

shlwapi

SHDeleteKeyW

user32

GetClassLongA
MessageBoxW

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e33b75c819cca9705e08757d75e04db3

Headers

File Characteristics

Imports

ole32

rpcrt4

shell32

advapi32

kernel32

shlwapi

user32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 72KB