876330365bf765a6fd40ec7806d78721_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

876330365bf765a6fd40ec7806d78721_JaffaCakes118
Size

169KB
MD5

876330365bf765a6fd40ec7806d78721
SHA1

a4c8b197c83c60f16be062af07530b43a3565dcc
SHA256

47d560e426ac162504cbf405665e187fe7235af77b6e1fe4ecf90bc65ab071ab
SHA512

aafdd0867d84dba6c7243be5152b86f43e5d7a241b2a86cb78afe351c9f5bbb022d67ac2df2d6a0a3da286fd0530ee353ace777ff152a467f46922e7669faf78
SSDEEP

3072:GBBdqYCidtfSUtxyWvWqeW51QitD+oF6tx04So4n+zfYj213s5GDp7mUe+Os4G:GB3RjddBy7qlnQitfrTo4Qeq3JIpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
876330365bf765a6fd40ec7806d78721_JaffaCakes118

Files

876330365bf765a6fd40ec7806d78721_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc8049d7d17bee373f4413fe86cd34a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shlwapi

SHDeleteKeyW

kernel32

GetSystemTimeAsFileTime
FlushFileBuffers
GetCurrentProcess
GetThreadPriority
HeapAlloc
TlsSetValue
HeapCreate
GetCurrentThreadId
LoadLibraryA
GetCPInfo
WriteConsoleA
TlsAlloc
SetHandleCount
UnhandledExceptionFilter
GetLastError
GetStringTypeW
GetVersionExA
GetStartupInfoA
InterlockedDecrement
TlsFree
SetStdHandle
GetModuleFileNameA
GetConsoleOutputCP
RaiseException
IsValidCodePage
GetCurrentProcessId
GetCommandLineA
SetCommTimeouts
GetUserDefaultLCID
LeaveCriticalSection
IsValidLocale
TerminateProcess
InitializeCriticalSection
MultiByteToWideChar
VirtualAlloc
CloseHandle
TlsGetValue
EnumResourceNamesA
GetStdHandle
GetStringTypeA
GetLocaleInfoA
GetModuleFileNameW
GetConsoleCP
GetACP
WideCharToMultiByte
GetCurrentDirectoryW
LCMapStringA
EnumSystemLocalesA
GetProcAddress
QueryPerformanceCounter
GetEnvironmentStrings
GetFullPathNameW
GetModuleHandleA
GetConsoleMode
DeleteCriticalSection
Sleep
LCMapStringW
SetUnhandledExceptionFilter
WriteConsoleW
SetLastError
EnterCriticalSection
HeapSize
GetEnvironmentStringsW
HeapFree
GetLocaleInfoW
GetTickCount
ExitProcess
WriteFile
FreeEnvironmentStringsW
RtlUnwind
InterlockedIncrement
FreeEnvironmentStringsA
SetEndOfFile
CreateFileA
GetProcessHeap
GetFileType
SetFilePointer
ExitProcess
IsDebuggerPresent
HeapDestroy
ReadFile
GetOEMCP
GlobalAlloc
HeapReAlloc
VirtualFree
GetFullPathNameA

ole32

CoCreateGuid
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoSetProxyBlanket

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc8049d7d17bee373f4413fe86cd34a4

Headers

File Characteristics

Imports

user32

shell32

rpcrt4

advapi32

shlwapi

kernel32

ole32

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.crt
Size: 512B - Virtual size: 72KB