6556df900daa4b4ade1e8c8ebf2c2d9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6556df900daa4b4ade1e8c8ebf2c2d9f_JaffaCakes118
Size

164KB
MD5

6556df900daa4b4ade1e8c8ebf2c2d9f
SHA1

e94d7191b6223e83ca2563179ed081c346a773e5
SHA256

58c7a895e3ea6f670c0ffb9ecbb97c79554a1b5f73fcb37527b55437f2a0a64f
SHA512

9fdcc099123c57405526f666207619d3b0645c73d299c864e680d3627c94d67c9a09b423a7787700e0d252ea9931d687d8a80eea23e2029b14070aaa3a36283f
SSDEEP

3072:E/YuK075Rg3s7j+1jYEFLvexNqJtXh/KghK01qYO7AFY3WD6:vuKG63SjEJvLtRy4PO7ASy6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6556df900daa4b4ade1e8c8ebf2c2d9f_JaffaCakes118

Files

6556df900daa4b4ade1e8c8ebf2c2d9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f36de16c5519d3b2b8269ae782bca61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

kernel32

SetHandleCount
GetCommandLineA
GlobalAlloc
LCMapStringA
HeapDestroy
GetThreadPriority
HeapFree
InterlockedDecrement
HeapSize
GetCurrentProcessId
TlsSetValue
DeleteCriticalSection
GetModuleHandleA
GetCurrentDirectoryW
LeaveCriticalSection
TerminateProcess
SetEndOfFile
GetACP
FreeEnvironmentStringsA
CloseHandle
IsValidCodePage
SetCommTimeouts
LoadLibraryA
RaiseException
GetStringTypeW
GetCPInfo
GetModuleFileNameA
SetUnhandledExceptionFilter
GetLocaleInfoW
GetOEMCP
VirtualFree
CreateFileA
VirtualAlloc
GetEnvironmentStrings
EnumResourceNamesA
HeapAlloc
WideCharToMultiByte
GetConsoleCP
UnhandledExceptionFilter
GetLastError
WriteConsoleA
GetCurrentThreadId
GetSystemTimeAsFileTime
EnumSystemLocalesA
GetUserDefaultLCID
IsDebuggerPresent
GetTickCount
EnterCriticalSection
GetFullPathNameW
QueryPerformanceCounter
TlsAlloc
SetFilePointer
LCMapStringW
GetStringTypeA
InitializeCriticalSection
GetEnvironmentStringsW
ExitProcess
TlsGetValue
SetStdHandle
Sleep
WriteConsoleW
ReadFile
GetCurrentProcess
GetConsoleMode
FlushFileBuffers
SetLastError
GetStartupInfoA
IsValidLocale
ExitProcess
GetStdHandle
HeapReAlloc
RtlUnwind
GetProcAddress
GetVersionExA
InterlockedIncrement
WriteFile
GetModuleFileNameW
TlsFree
MultiByteToWideChar
GetFileType
GetConsoleOutputCP
FreeEnvironmentStringsW
GetProcessHeap
GetLocaleInfoA
HeapCreate
GetFullPathNameA

ole32

StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
CoSetProxyBlanket

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

SHDeleteKeyW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f36de16c5519d3b2b8269ae782bca61

Headers

File Characteristics

Imports

user32

rpcrt4

kernel32

ole32

advapi32

shlwapi

shell32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 27KB

.crt Size: 512B - Virtual size: 76KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 27KB

.crt
Size: 512B - Virtual size: 76KB