5bff54e79a9beadd816159d6c2e563fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5bff54e79a9beadd816159d6c2e563fd_JaffaCakes118
Size

166KB
MD5

5bff54e79a9beadd816159d6c2e563fd
SHA1

44fd66af5045e454f84a0efdd7e51bb909538820
SHA256

5a90178a2d08c3d52269e7a2003ddca9d820b910a8d986ad68c9bb2806bb1723
SHA512

6063e6bd3a0a5588c5c68797a6b3f2e3f81aae1cc8d63979d19b81c42794ed8b703e427190f9a55cbbcdf24161e0c06a305b09c31277e47b4bb57db34868d2db
SSDEEP

3072:M5ztNWKX32uEpqh9PV3ZBPPe4VZrdB9/a2cUFoEeOL1SEwYNhO:azbH2zp09JzZrFVxlHT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bff54e79a9beadd816159d6c2e563fd_JaffaCakes118

Files

5bff54e79a9beadd816159d6c2e563fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e33b75c819cca9705e08757d75e04db3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoUninitialize
StringFromGUID2
CoInitialize
CoCreateGuid
CoSetProxyBlanket

rpcrt4

UuidCreate

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

SetFilePointer
TlsFree
GetProcAddress
RaiseException
HeapSize
HeapDestroy
HeapReAlloc
TerminateProcess
WriteConsoleW
VirtualAlloc
FlushFileBuffers
EnumSystemLocalesA
WriteConsoleA
LCMapStringA
GetThreadPriority
GetModuleHandleA
GetSystemTimeAsFileTime
GetStringTypeA
EnterCriticalSection
GlobalAlloc
InterlockedIncrement
ExitProcess
GetProcessHeap
GetModuleFileNameA
FreeEnvironmentStringsW
IsValidLocale
WriteFile
GetCurrentThreadId
SetCommTimeouts
GetEnvironmentStrings
ReadFile
InitializeCriticalSection
LoadLibraryA
IsValidCodePage
GetStdHandle
TlsAlloc
GetStartupInfoA
GetCurrentDirectoryW
IsDebuggerPresent
TlsSetValue
GetACP
QueryPerformanceCounter
Sleep
CloseHandle
FreeEnvironmentStringsA
DeleteCriticalSection
SetHandleCount
EnumResourceNamesA
GetUserDefaultLCID
GetModuleFileNameW
LeaveCriticalSection
LCMapStringW
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
SetEndOfFile
GetTickCount
GetConsoleCP
GetCurrentProcess
GetOEMCP
GetConsoleOutputCP
ExitProcess
RtlUnwind
GetLocaleInfoW
SetStdHandle
InterlockedDecrement
GetVersionExA
GetConsoleMode
GetCurrentProcessId
UnhandledExceptionFilter
GetFileType
GetFullPathNameW
GetLocaleInfoA
VirtualFree
HeapFree
CreateFileA
SetLastError
TlsGetValue
HeapCreate
GetCommandLineA
HeapAlloc
GetStringTypeW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetLastError
GetFullPathNameA

shlwapi

SHDeleteKeyW

user32

GetClassLongA
MessageBoxW

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e33b75c819cca9705e08757d75e04db3

Headers

File Characteristics

Imports

ole32

rpcrt4

shell32

advapi32

kernel32

shlwapi

user32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 72KB