a7f1b1fdca45cffb793302ed11ad7b40_JaffaCakes118

General

Target

a7f1b1fdca45cffb793302ed11ad7b40_JaffaCakes118
Size

180KB
MD5

a7f1b1fdca45cffb793302ed11ad7b40
SHA1

df618de8d4b93471e3c9365479af4dd85bc5cdf0
SHA256

c1b6c80d9af1605d8d3dff73b9d446b155095ed2a412bf25707d6b59a9cfb7e6
SHA512

e37673c4c24609dd6d46fc39940c41dd6f35b3459e413fbedc8e129de9f33be535e0251820e791a5501db4126689e57132be2253c23693e477966036e20e6966
SSDEEP

3072:DDXoilZNPodSXYbZjIoSCozl0TrhjJeslH8ad+i+6FrLf70:XjAdEoZcoSCoRsrh9eSd5+KrL4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7f1b1fdca45cffb793302ed11ad7b40_JaffaCakes118

Files

a7f1b1fdca45cffb793302ed11ad7b40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

299b3dbd29cd177bc861fe12a6476f80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetAncestor
MessageBoxW

rpcrt4

UuidCreate

kernel32

GetModuleFileNameW
LCMapStringW
RtlUnwind
MultiByteToWideChar
GetVersionExA
InitializeCriticalSection
GetThreadPriority
UnhandledExceptionFilter
GlobalAlloc
WriteConsoleA
GetUserDefaultLCID
LCMapStringA
CloseHandle
ExitProcess
GetCurrentDirectoryW
WideCharToMultiByte
HeapReAlloc
EnterCriticalSection
GetFullPathNameW
IsDebuggerPresent
SetupComm
InterlockedIncrement
EnumSystemLocalesA
SetStdHandle
WriteFile
GetProcessHeap
GetModuleHandleA
HeapFree
EnumResourceNamesA
HeapAlloc
Sleep
TerminateProcess
GetCurrentThreadId
RaiseException
GetLocaleInfoW
GetLastError
GetCurrentProcess
ExitProcess
GetCommandLineA
DeleteCriticalSection
SetEndOfFile
ReadFile
GetConsoleOutputCP
GetProcAddress
SetUnhandledExceptionFilter
IsValidCodePage
GetCPInfo
IsValidLocale
WriteConsoleW
InterlockedDecrement
HeapSize
CreateFileA
LeaveCriticalSection
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

299b3dbd29cd177bc861fe12a6476f80

Headers

File Characteristics

Imports

user32

rpcrt4

kernel32

shell32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 220KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 220KB