6aacff039ecc14f67b014ce8e0f77a57_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6aacff039ecc14f67b014ce8e0f77a57_JaffaCakes118
Size

167KB
MD5

6aacff039ecc14f67b014ce8e0f77a57
SHA1

b694ad72ede843f580ada331f88ff7c8d29ddf0e
SHA256

602ef0312630f1d30fd84919ce1a7fc6f5f7f6ba0bddc6f1439da8a85486c565
SHA512

0800430ac64cab8f55a17e0e7a65a7126f06d2ddcea43f73d646a49cd374eedf49c4de15e4c43e7fb6c78503237722f373e5902b92bfc4fab15e3bcc09c8ff51
SSDEEP

3072:XRMg1yWX9NfO/qatRGwHKmDG7b4RdLASnGX4fEsF7vecbpBo4j9S6Ypr:XR51FOywRGQhnQ4f/Fzjz9S6+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aacff039ecc14f67b014ce8e0f77a57_JaffaCakes118

Files

6aacff039ecc14f67b014ce8e0f77a57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3c5e124d1906575f14fe9e76816929e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
StringFromGUID2
CoSetProxyBlanket

rpcrt4

UuidCreate

shlwapi

SHDeleteKeyW

user32

GetClassLongA
MessageBoxW

kernel32

LoadLibraryA
HeapDestroy
GetThreadPriority
ReadFile
GetStartupInfoA
EnumSystemLocalesA
GetLocaleInfoW
Sleep
GetTickCount
VirtualFree
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
HeapReAlloc
TlsFree
GetStringTypeA
VirtualAlloc
SetFilePointer
HeapAlloc
GetCurrentDirectoryW
SetStdHandle
GetLocaleInfoA
InitializeCriticalSection
ExitProcess
MultiByteToWideChar
HeapFree
LCMapStringA
CreateFileA
SetCommTimeouts
WideCharToMultiByte
GetEnvironmentStringsW
GetStringTypeW
GetLastError
RaiseException
DeleteCriticalSection
GetFullPathNameW
UnhandledExceptionFilter
LeaveCriticalSection
GetCommandLineA
GetACP
EnumResourceNamesA
GetConsoleCP
GlobalAlloc
WriteFile
FreeEnvironmentStringsW
GetModuleFileNameW
GetCPInfo
GetCurrentProcess
GetSystemTimeAsFileTime
HeapSize
GetStdHandle
EnterCriticalSection
GetCurrentProcessId
FreeEnvironmentStringsA
IsDebuggerPresent
CloseHandle
ExitProcess
GetFileType
GetProcessHeap
GetModuleFileNameA
GetProcAddress
GetUserDefaultLCID
SetHandleCount
GetEnvironmentStrings
TlsSetValue
SetLastError
GetCurrentThreadId
FlushFileBuffers
TerminateProcess
HeapCreate
IsValidCodePage
LCMapStringW
InterlockedDecrement
GetOEMCP
GetConsoleMode
SetUnhandledExceptionFilter
WriteConsoleW
InterlockedIncrement
RtlUnwind
TlsGetValue
GetModuleHandleA
TlsAlloc
QueryPerformanceCounter
GetVersionExA
IsValidLocale
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3c5e124d1906575f14fe9e76816929e

Headers

File Characteristics

Imports

ole32

rpcrt4

shlwapi

user32

kernel32

advapi32

shell32

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 68KB