46546fc5355442c2855fba6cd3107e21_JaffaCakes118

General

Target

46546fc5355442c2855fba6cd3107e21_JaffaCakes118
Size

168KB
MD5

46546fc5355442c2855fba6cd3107e21
SHA1

601cd68005b2bac6cbbda55bd709f052fe253db5
SHA256

d25e580bf915fc7dd5396c812eedc658598bc4e3c7e044f7d0610eec1faebff5
SHA512

9f5d3e535d12f6fe20c3f25feaee29157e264073b800ee0d8549c88ad2a1658312127e6af78c754b8fe132c3920c984d08e894a56f805dc95c2b31cf07eca270
SSDEEP

3072:hTtdyCBUAgafWE20tlow3LDx1GhuyZrALlooytHBDeZd3c:hjy27fWwtL7Dx1G1ZkLlooyzDUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46546fc5355442c2855fba6cd3107e21_JaffaCakes118

Files

46546fc5355442c2855fba6cd3107e21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

891af9e743fcc4c7341b54ed1da52631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnumSystemLocalesA
GlobalAlloc
WriteConsoleA
GetCurrentDirectoryW
LeaveCriticalSection
UnhandledExceptionFilter
GetThreadPriority
InterlockedDecrement
Sleep
WideCharToMultiByte
SetCommConfig
GetLastError
GetLocaleInfoW
WriteConsoleW
LCMapStringW
GetCurrentThreadId
ReadFile
SetStdHandle
GetConsoleOutputCP
IsDebuggerPresent
EnumResourceNamesA
CloseHandle
HeapSize
RaiseException
GetFullPathNameW
WriteFile
EnterCriticalSection
HeapFree
CreateFileA
SetEndOfFile
InterlockedIncrement
RtlUnwind
GetProcAddress
SetUnhandledExceptionFilter
MultiByteToWideChar
IsValidCodePage
LCMapStringA
GetUserDefaultLCID
ExitProcess
ExitProcess
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetVersionExA
HeapAlloc
GetCPInfo
GetModuleFileNameW
GetProcessHeap
GetModuleHandleA
IsValidLocale
GetCommandLineA
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

rpcrt4

UuidCreate

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

891af9e743fcc4c7341b54ed1da52631

Headers

File Characteristics

Imports

shell32

user32

kernel32

advapi32

rpcrt4

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 72KB