7787bb5fd773483df941166e218ba5a3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7787bb5fd773483df941166e218ba5a3_JaffaCakes118
Size

181KB
MD5

7787bb5fd773483df941166e218ba5a3
SHA1

885381cb9cfa2b523cd1bec1a009de67a8f37e86
SHA256

c2fb88e5f1c770e54fcadb815459fd82913328b1d686db256ba8f484c39f4f83
SHA512

19bfd4555d2876417d7e5051e85a2021f0be4f3426fceb2725914edc61aed79a21aa73c738ab68a458e8430cdbf313beaf2031d9b8ee4bea84cf0fa548baa517
SSDEEP

3072:vu/FrTyBRsLjITLY1qepzNbM6DNg83WSuRJ4DLSf1V4g9iR4RTEjbkX27Vo:Gdfe+LjiovzZxFGzBf8RRj0X2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7787bb5fd773483df941166e218ba5a3_JaffaCakes118

Files

7787bb5fd773483df941166e218ba5a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27ec8180d2fea48198e12a024000fbb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

shlwapi

SHDeleteKeyW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

kernel32

WriteConsoleA
SetLastError
GetThreadPriority
GetEnvironmentStringsW
SetHandleCount
GetProcessHeap
GetModuleFileNameW
HeapCreate
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
FlushFileBuffers
LoadLibraryA
QueryPerformanceCounter
GetCommandLineA
InitializeCriticalSection
HeapFree
SetFilePointer
UnhandledExceptionFilter
TlsFree
GetConsoleCP
GetSystemTimeAsFileTime
GetStdHandle
LCMapStringW
GetCurrentThreadId
IsValidCodePage
GetStringTypeW
HeapReAlloc
MultiByteToWideChar
GetFileType
GetLastError
SetEndOfFile
CloseHandle
SetCommTimeouts
GetStringTypeA
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
FreeEnvironmentStringsW
GetVersionExA
GetLocaleInfoW
EnumResourceNamesA
GetProcAddress
HeapDestroy
VirtualAlloc
ReadFile
IsDebuggerPresent
VirtualFree
LCMapStringA
TerminateProcess
GetTickCount
EnumSystemLocalesA
ExitProcess
GetStartupInfoA
LeaveCriticalSection
ExitProcess
RaiseException
InterlockedIncrement
GetLocaleInfoA
GetCurrentProcess
SetStdHandle
GetCurrentDirectoryW
GetConsoleMode
GetEnvironmentStrings
GetConsoleOutputCP
IsValidLocale
TlsSetValue
HeapAlloc
CreateFileA
TlsGetValue
TlsAlloc
GetACP
HeapSize
WriteConsoleW
DeleteCriticalSection
GlobalAlloc
GetCurrentProcessId
GetUserDefaultLCID
WriteFile
EnterCriticalSection
GetFullPathNameW
Sleep
GetCPInfo
RtlUnwind
GetOEMCP
GetModuleFileNameA
GetFullPathNameA

rpcrt4

UuidCreate

ole32

CoInitialize
StringFromGUID2
CoCreateGuid
CoUninitialize
CoCreateInstance
CoSetProxyBlanket

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27ec8180d2fea48198e12a024000fbb5

Headers

File Characteristics

Imports

shell32

shlwapi

advapi32

user32

kernel32

rpcrt4

ole32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 216KB