63a3df5d6787da1a77cdb44117acd9ff_JaffaCakes118

General

Target

63a3df5d6787da1a77cdb44117acd9ff_JaffaCakes118
Size

180KB
MD5

63a3df5d6787da1a77cdb44117acd9ff
SHA1

86f1a7ef2b2b1628b2aa6e2d837b7578bf46f5d4
SHA256

5aead1c9a77de3f029d0dc95a36aa397d4d98e5612d7e91f33f6c60add018b25
SHA512

b3b620e64a82dbd2762c4f4c63dd818401f2b67e855a72c206a8b08971e3de4582b6c24df80409c768502909de695bbed3451aed4dfaf6fddac772597c5b648a
SSDEEP

3072:tPit1bmzh+Am5ZAO05vx7fNE/Cv14MPsYVAFzsFhM4KEkYAnMJG56m39YHROF8fL:tMbmAAm+dfNsCv1rPs4AFz6GbEkT2G5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63a3df5d6787da1a77cdb44117acd9ff_JaffaCakes118

Files

63a3df5d6787da1a77cdb44117acd9ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e5053f05ed52410ea9b003f6e2f40fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

kernel32

LeaveCriticalSection
ExitProcess
GetCurrentThreadId
GetThreadPriority
GetFullPathNameW
InterlockedDecrement
RtlUnwind
SetUnhandledExceptionFilter
InterlockedIncrement
GetVersionExA
GetUserDefaultLCID
GetProcAddress
IsDebuggerPresent
GetCommandLineA
Sleep
ReadFile
SetupComm
InitializeCriticalSection
IsValidLocale
HeapAlloc
TerminateProcess
EnterCriticalSection
GetCPInfo
GetConsoleOutputCP
WriteFile
WriteConsoleA
DeleteCriticalSection
GetCurrentDirectoryW
HeapFree
GlobalAlloc
CreateFileA
EnumResourceNamesA
GetProcessHeap
HeapReAlloc
LCMapStringA
GetModuleHandleA
GetModuleFileNameW
EnumSystemLocalesA
ExitProcess
SetStdHandle
GetLastError
UnhandledExceptionFilter
IsValidCodePage
HeapSize
RaiseException
SetEndOfFile
GetCurrentProcess
CloseHandle
LCMapStringW
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
WriteConsoleW
GetFullPathNameA

user32

GetAncestor
MessageBoxW

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e5053f05ed52410ea9b003f6e2f40fc

Headers

File Characteristics

Imports

shell32

rpcrt4

kernel32

user32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 19KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 344KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 19KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 344KB