8e80b82f68a4d6c756fa048c430a2bad_JaffaCakes118

General

Target

8e80b82f68a4d6c756fa048c430a2bad_JaffaCakes118
Size

176KB
MD5

8e80b82f68a4d6c756fa048c430a2bad
SHA1

1c9b471c838fa8fcaf75d0abf3168191b88fe69e
SHA256

45f9e0396e9c799247538cfa26551d4193e576216045635b0c5743025823811e
SHA512

f6c0b09c9955021af349fa2f9333d6ce44052bb9cd298a4674f06b5d093be145b557bb1cc199cfcf42a4b06dc70eff2dd557551df2712cae2d50ba6846d6ae21
SSDEEP

3072:NYACI32xnQM9yF3MIKzG6QT8cxKvK5gE7OGLRaQx/YaaHk2iIhn3UFyyWxxIyAK+:NjCIunQWQ3MfzG6QT8ceLmaQ1iHkH+31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e80b82f68a4d6c756fa048c430a2bad_JaffaCakes118

Files

8e80b82f68a4d6c756fa048c430a2bad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

678bcd5932adfb0e8971635fae05f433

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

kernel32

SetStdHandle
GetThreadPriority
ReadFile
EnterCriticalSection
GetCommandLineA
WriteConsoleW
HeapFree
GetCPInfo
RaiseException
GetProcAddress
CloseHandle
GetLocaleInfoW
SetCommConfig
SetEndOfFile
GetCurrentDirectoryW
GetLastError
GetModuleHandleA
LeaveCriticalSection
UnhandledExceptionFilter
GetVersionExA
CreateFileA
MultiByteToWideChar
IsValidCodePage
GetFullPathNameW
WriteConsoleA
ExitProcess
InitializeCriticalSection
EnumResourceNamesA
TerminateProcess
GetUserDefaultLCID
WideCharToMultiByte
EnumSystemLocalesA
WriteFile
Sleep
GetConsoleOutputCP
LCMapStringA
SetUnhandledExceptionFilter
ExitProcess
DeleteCriticalSection
LCMapStringW
GetModuleFileNameW
InterlockedIncrement
GetCurrentThreadId
HeapReAlloc
InterlockedDecrement
IsValidLocale
GetProcessHeap
GlobalAlloc
RtlUnwind
IsDebuggerPresent
GetCurrentProcess
HeapSize
HeapAlloc
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

678bcd5932adfb0e8971635fae05f433

Headers

File Characteristics

Imports

shell32

kernel32

user32

rpcrt4

advapi32

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 22KB - Virtual size: 22KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 22KB - Virtual size: 22KB

.crt
Size: 512B - Virtual size: 212KB