6984d3d5f3bfca498317424726b9c073_JaffaCakes118

General

Target

6984d3d5f3bfca498317424726b9c073_JaffaCakes118
Size

168KB
MD5

6984d3d5f3bfca498317424726b9c073
SHA1

9237cb883abbfc6400051419a848af547ef3a362
SHA256

09dced3e8ef2d55b3a734fd576258e34278dc9a6d953bba1329d74b948e85cc5
SHA512

e00f8130e818f19c582701969ec5fae8b2f067cab4b5fbe0de820488dec8add6b59ed0c1c28ef5f07c264bc869c89daf3a938f0ab77fdcb0aa1177a9c4de9e72
SSDEEP

3072:mpEW4D+UfOh7BuAgTIbAQDc1lE9mdZ93cfNdS9QF0B3N8p:7D9fw7Bu4AfbE9mdZJcfNdS9dB3Op

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6984d3d5f3bfca498317424726b9c073_JaffaCakes118

Files

6984d3d5f3bfca498317424726b9c073_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff0c55630430f4952097e4158c2c9a8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassLongA
MessageBoxW

kernel32

EnterCriticalSection
UnhandledExceptionFilter
Sleep
GetUserDefaultLCID
GetConsoleOutputCP
GetThreadPriority
InitializeCriticalSection
GetCurrentProcess
RtlUnwind
InterlockedIncrement
InterlockedDecrement
HeapFree
GetCurrentDirectoryW
SetCommConfig
EnumSystemLocalesA
ReadFile
IsValidCodePage
HeapReAlloc
GetLastError
GetProcessHeap
GetProcAddress
WriteConsoleA
CreateFileA
RaiseException
LCMapStringA
GetLocaleInfoW
LCMapStringW
DeleteCriticalSection
HeapAlloc
WriteConsoleW
CloseHandle
EnumResourceNamesA
IsValidLocale
GetCPInfo
GetModuleFileNameW
GetCommandLineA
GlobalAlloc
ExitProcess
MultiByteToWideChar
ExitProcess
IsDebuggerPresent
HeapSize
SetStdHandle
SetUnhandledExceptionFilter
WriteFile
LeaveCriticalSection
SetEndOfFile
TerminateProcess
GetVersionExA
GetModuleHandleA
GetCurrentThreadId
GetFullPathNameW
WideCharToMultiByte
GetFullPathNameA

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoSetProxyBlanket

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0c55630430f4952097e4158c2c9a8c

Headers

File Characteristics

Imports

user32

kernel32

rpcrt4

advapi32

shell32

ole32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 17KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 17KB

.crt
Size: 512B - Virtual size: 68KB