Static task: static1
Behavioral task: behavioral1
Sample: b2962d8e0521ce18ff1d33a6c7a05110_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b2962d8e0521ce18ff1d33a6c7a05110_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b2962d8e0521ce18ff1d33a6c7a05110_JaffaCakes118
Size: 192KB
MD5: b2962d8e0521ce18ff1d33a6c7a05110
SHA1: 509ee10eb31b05717aed5bd134b2ad22bd21b2c5
SHA256: c0a3a7c45dcc1454ae0ff654bc0f19fc501c788c18fd4baa62b8f1f7a94f9a73
SHA512: 3e7f984a6b3d1a0fd618daeee451d50ce0cd6a141e4c428198f3fa081c8e56b0c026c3cb679046561dcca05fcb18a380aa1e7f1216a917ed3c52f80ff1685091
SSDEEP: 3072:YfjOTKIudVwHQKde3sojb0t2AP89BENUH+3PkC66UuwzCt4ld/GBNkPWmnBnU:Y7YKLK08mfg8CUoPUBCt4l0kPPU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: b2962d8e0521ce18ff1d33a6c7a05110_JaffaCakes118
Files
b2962d8e0521ce18ff1d33a6c7a05110_JaffaCakes118.exe windows:4 windows x86 arch:x86
64a2ebf9ee6c85a136d01070c5c0e3d1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentDirectoryW
HeapFree
InterlockedDecrement
SetUnhandledExceptionFilter
DeleteCriticalSection
GetEnvironmentStringsW
WriteConsoleA
SetFilePointer
FlushFileBuffers
EnumSystemLocalesA
GetThreadPriority
VirtualFree
HeapSize
GetCurrentProcessId
GetCommandLineA
GlobalAlloc
GetCurrentThreadId
TlsAlloc
GetStringTypeA
WriteFile
Sleep
RaiseException
ReadFile
FreeEnvironmentStringsW
TerminateProcess
HeapCreate
GetLastError
IsDebuggerPresent
FreeEnvironmentStringsA
SetCommTimeouts
TlsSetValue
LCMapStringA
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
TlsGetValue
IsValidLocale
CloseHandle
GetConsoleOutputCP
GetEnvironmentStrings
GetProcessHeap
EnumResourceNamesA
GetLocaleInfoA
RtlUnwind
TlsFree
UnhandledExceptionFilter
SetEndOfFile
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetFullPathNameW
InitializeCriticalSection
WriteConsoleW
GetACP
LCMapStringW
HeapAlloc
InterlockedIncrement
GetCPInfo
GetConsoleCP
IsValidCodePage
WideCharToMultiByte
GetOEMCP
CreateFileA
LoadLibraryA
GetStdHandle
GetUserDefaultLCID
ExitProcess
ExitProcess
GetProcAddress
GetLocaleInfoW
GetVersionExA
GetModuleHandleA
HeapDestroy
GetCurrentProcess
GetStringTypeW
SetStdHandle
MultiByteToWideChar
GetTickCount
GetSystemTimeAsFileTime
HeapReAlloc
VirtualAlloc
SetLastError
GetModuleFileNameW
GetConsoleMode
GetFileType
GetFullPathNameA
advapi32
RegCloseKey
RegCreateKeyExW
RegSetValueExW
shell32
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW
rpcrt4
UuidCreate
ole32
CoCreateInstance
CoUninitialize
StringFromGUID2
CoCreateGuid
CoInitialize
CoSetProxyBlanket
shlwapi
SHDeleteKeyW
user32
GetClassLongA
MessageBoxW
Sections
.text Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ