42fe73a89ddf44023ba6d7214afef236_JaffaCakes118

General

Target

42fe73a89ddf44023ba6d7214afef236_JaffaCakes118
Size

168KB
MD5

42fe73a89ddf44023ba6d7214afef236
SHA1

e8281f652e329296bbee3b466f61ea3f1795ba02
SHA256

6b5caa04dbfb2a2f3a59352e9219f0fd5a2b1ec9053f3257ce8d93a0d0544aa9
SHA512

cac2488752d8b6dc6ac3ead6c0ec0dac1a65dbbb9464782fe1e4f3944e12dffab6582357f6c112963f1ee666c4d82d08d85282efe671162a7325cd20751f5b56
SSDEEP

3072:BZ5QcpRU9FqIbP9vb15OL4AuvTY5pbmMxnsMZ3ysHZIhAu9/gmYb2afbGwlDl:BZ5QsU9Fd775oGM1Z3pHdk/gmYb2DwlJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42fe73a89ddf44023ba6d7214afef236_JaffaCakes118

Files

42fe73a89ddf44023ba6d7214afef236_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ce2dcea54ac7439e99469e4578b59a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoSetProxyBlanket

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

GetThreadPriority
EnumSystemLocalesA
GetFullPathNameW
RtlUnwind
GetCurrentProcess
GetCurrentThreadId
InterlockedDecrement
RaiseException
LeaveCriticalSection
InterlockedIncrement
Sleep
WriteConsoleA
GetLastError
HeapReAlloc
SetCommConfig
IsValidLocale
GetModuleFileNameW
WriteFile
ReadFile
HeapAlloc
GetProcessHeap
GetLocaleInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetConsoleOutputCP
GetCPInfo
GlobalAlloc
EnumResourceNamesA
UnhandledExceptionFilter
WriteConsoleW
TerminateProcess
GetVersionExA
LCMapStringA
ExitProcess
SetStdHandle
CreateFileA
InitializeCriticalSection
HeapSize
ExitProcess
HeapFree
IsDebuggerPresent
GetModuleHandleA
EnterCriticalSection
MultiByteToWideChar
GetCommandLineA
DeleteCriticalSection
SetEndOfFile
GetUserDefaultLCID
IsValidCodePage
GetCurrentDirectoryW
LCMapStringW
WideCharToMultiByte
CloseHandle
GetFullPathNameA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ce2dcea54ac7439e99469e4578b59a1

Headers

File Characteristics

Imports

ole32

shell32

user32

rpcrt4

advapi32

kernel32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 16KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 16KB

.crt
Size: 512B - Virtual size: 68KB