66e2e0acc7bcacd5d70fc1931df3ff91_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66e2e0acc7bcacd5d70fc1931df3ff91_JaffaCakes118
Size

185KB
MD5

66e2e0acc7bcacd5d70fc1931df3ff91
SHA1

0bafc08a5a58f61a4a3730e4987485e54106aa98
SHA256

59f8fa4d3f01c792b4dd6a90085a04fc6b7362193aaa1353a9a1410e5ed74d85
SHA512

178c344d1824a6b095aa40875564a82b4acc7bcd4bca6492dfb0729dbc11a37d561b1c0cd0f642ba95c80bb48b898d0cdacd46a2c67beb5920edb894360f6b8e
SSDEEP

3072:60eAvneRSCsLuHuhwBou1RcBeBoulQHwtdsEY0ecXQNVtNvUEk/AG0LU7Zs9:ZHeRS/LuHHFRKstoW6BcXQNVPUD/GU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e2e0acc7bcacd5d70fc1931df3ff91_JaffaCakes118

Files

66e2e0acc7bcacd5d70fc1931df3ff91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93ef26babc3c076b20d443b1a6afc381

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

SHDeleteKeyW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

GetACP
GetCurrentDirectoryW
UnhandledExceptionFilter
GetModuleFileNameA
SetFilePointer
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetThreadPriority
WriteFile
HeapSize
ReadFile
LeaveCriticalSection
GetCurrentThreadId
LCMapStringA
GlobalAlloc
GetStringTypeW
DeleteCriticalSection
LCMapStringW
TlsGetValue
SetCommTimeouts
GetOEMCP
SetLastError
SetHandleCount
MultiByteToWideChar
GetProcAddress
GetLocaleInfoA
GetTickCount
HeapReAlloc
SetStdHandle
CreateFileA
GetModuleFileNameW
SetEndOfFile
FreeEnvironmentStringsA
TlsFree
GetFileType
RtlUnwind
GetConsoleCP
GetConsoleOutputCP
GetCurrentProcess
HeapAlloc
VirtualFree
GetLastError
LoadLibraryA
HeapFree
Sleep
HeapDestroy
InitializeCriticalSection
EnumResourceNamesA
TlsSetValue
GetStdHandle
GetEnvironmentStrings
WriteConsoleW
HeapCreate
VirtualAlloc
GetCurrentProcessId
ExitProcess
EnterCriticalSection
InterlockedDecrement
GetCommandLineA
TerminateProcess
ExitProcess
WriteConsoleA
RaiseException
InterlockedIncrement
GetUserDefaultLCID
IsValidCodePage
GetStringTypeA
CloseHandle
EnumSystemLocalesA
GetStartupInfoA
GetSystemTimeAsFileTime
IsDebuggerPresent
FlushFileBuffers
GetModuleHandleA
FreeEnvironmentStringsW
GetFullPathNameW
WideCharToMultiByte
GetVersionExA
TlsAlloc
IsValidLocale
GetConsoleMode
GetLocaleInfoW
GetProcessHeap
GetCPInfo
QueryPerformanceCounter
GetFullPathNameA

ole32

CoInitialize
CoCreateGuid
StringFromGUID2
CoUninitialize
CoCreateInstance
CoSetProxyBlanket

rpcrt4

UuidCreate

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93ef26babc3c076b20d443b1a6afc381

Headers

File Characteristics

Imports

user32

advapi32

shlwapi

shell32

kernel32

ole32

rpcrt4

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 216KB