ab0c731a242752140f74e6c60cfcffc1_JaffaCakes118

General

Target

ab0c731a242752140f74e6c60cfcffc1_JaffaCakes118
Size

168KB
MD5

ab0c731a242752140f74e6c60cfcffc1
SHA1

4b83e1b64dd8a1d3b86f6c9221303eaa2135925c
SHA256

c8e05e4621b3b06cd1b4189ff72e110a8697836c0a321d8d76b648c1272620dd
SHA512

b251805bbae56578291ea1623a0bb97f3f58f41e7e056e66fa8d8cc2ee5a1c33978969b3625f6560cdd2b129cd1c8f0b71e4461ee59603592923d0be1d749da3
SSDEEP

3072:hTtdyCBUAgafWE20tlow3LDx1GhuyZrALlooytHBDeZd3c:hjy27fWwtL7Dx1G1ZkLlooyzDUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab0c731a242752140f74e6c60cfcffc1_JaffaCakes118

Files

ab0c731a242752140f74e6c60cfcffc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

891af9e743fcc4c7341b54ed1da52631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnumSystemLocalesA
GlobalAlloc
WriteConsoleA
GetCurrentDirectoryW
LeaveCriticalSection
UnhandledExceptionFilter
GetThreadPriority
InterlockedDecrement
Sleep
WideCharToMultiByte
SetCommConfig
GetLastError
GetLocaleInfoW
WriteConsoleW
LCMapStringW
GetCurrentThreadId
ReadFile
SetStdHandle
GetConsoleOutputCP
IsDebuggerPresent
EnumResourceNamesA
CloseHandle
HeapSize
RaiseException
GetFullPathNameW
WriteFile
EnterCriticalSection
HeapFree
CreateFileA
SetEndOfFile
InterlockedIncrement
RtlUnwind
GetProcAddress
SetUnhandledExceptionFilter
MultiByteToWideChar
IsValidCodePage
LCMapStringA
GetUserDefaultLCID
ExitProcess
ExitProcess
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetVersionExA
HeapAlloc
GetCPInfo
GetModuleFileNameW
GetProcessHeap
GetModuleHandleA
IsValidLocale
GetCommandLineA
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

rpcrt4

UuidCreate

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

891af9e743fcc4c7341b54ed1da52631

Headers

File Characteristics

Imports

shell32

user32

kernel32

advapi32

rpcrt4

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 72KB