64d35ad9f2b45fa30f487e352b7f767a_JaffaCakes118

General

Target

64d35ad9f2b45fa30f487e352b7f767a_JaffaCakes118
Size

164KB
MD5

64d35ad9f2b45fa30f487e352b7f767a
SHA1

2cdf086a7d804dc4a5506453950c2212b85574e1
SHA256

197b60b3f567d33502af68df2980ae1773b826aa207ff19c8483208a7e0d468b
SHA512

1b717cab376615f50e3975e97383d92f7e4ae88cafea7d94e00fb36075eb3797a0828d48d823d6cd23d86d2df04083521d21a8e0ce2cecfbbc4bf0f0a2001c50
SSDEEP

3072:gOVQz9TdWMgMqQIxdr8T61B7hznxQMs0hF1kfhQ5vnKw/R:pVu8Bkodr8m160L14hkfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64d35ad9f2b45fa30f487e352b7f767a_JaffaCakes118

Files

64d35ad9f2b45fa30f487e352b7f767a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b8a3959d1cc2186e57b5e6937fe4d33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoSetProxyBlanket

user32

GetClassLongA
MessageBoxW

kernel32

HeapAlloc
GetModuleFileNameW
ExitProcess
GlobalAlloc
GetProcessHeap
WriteConsoleA
GetThreadPriority
GetCommandLineA
GetLastError
RaiseException
MultiByteToWideChar
InterlockedIncrement
SetCommConfig
GetConsoleOutputCP
EnterCriticalSection
WriteConsoleW
IsDebuggerPresent
LCMapStringW
ReadFile
IsValidLocale
LeaveCriticalSection
SetEndOfFile
HeapSize
DeleteCriticalSection
IsValidCodePage
CloseHandle
GetFullPathNameW
EnumResourceNamesA
GetProcAddress
UnhandledExceptionFilter
GetCPInfo
EnumSystemLocalesA
GetUserDefaultLCID
Sleep
GetCurrentThreadId
ExitProcess
CreateFileA
GetCurrentDirectoryW
HeapReAlloc
TerminateProcess
RtlUnwind
SetStdHandle
WideCharToMultiByte
GetLocaleInfoW
InterlockedDecrement
LCMapStringA
InitializeCriticalSection
GetCurrentProcess
HeapFree
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetVersionExA
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b8a3959d1cc2186e57b5e6937fe4d33

Headers

File Characteristics

Imports

rpcrt4

advapi32

ole32

user32

kernel32

shell32

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 25KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 25KB

.crt
Size: 512B - Virtual size: 72KB