b791db68682b861d613c44af0383cd17_JaffaCakes118

General

Target

b791db68682b861d613c44af0383cd17_JaffaCakes118
Size

179KB
MD5

b791db68682b861d613c44af0383cd17
SHA1

73a5234c58a7a162466ad0fbb06832a9a6359643
SHA256

1c624702ae179751419ef6a4ef9826a6c13ce5d6175b600c8dc46857f9374689
SHA512

32b7211a5c187145b9ef22083d67af44f77d0755915373af2b6fcc897f222dec423ce81e416cf1b36be50e472fa98267c8df0709e8403c1a1230f97fe15c51db
SSDEEP

3072:K4EKrr2Xl9t0/sE2+Xj4yJa38Et1q7veqLUyxkChSCiXL6InHrRLyKAKLvnfL2:K4A+/sEljRUfi7veFyeChSCMnHr1ynKr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b791db68682b861d613c44af0383cd17_JaffaCakes118

Files

b791db68682b861d613c44af0383cd17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdd5c109e16fa94cd4d570c719da2fc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetAncestor
MessageBoxW

rpcrt4

UuidCreate

kernel32

LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameW
SetStdHandle
GetCurrentThreadId
GetThreadPriority
GetCurrentProcess
WriteConsoleW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetCurrentDirectoryW
CreateFileA
DeleteCriticalSection
GetVersionExA
EnterCriticalSection
CloseHandle
SetupComm
LCMapStringW
MultiByteToWideChar
LCMapStringA
RaiseException
InterlockedDecrement
GetCommandLineA
EnumResourceNamesA
GetFullPathNameW
IsValidCodePage
HeapAlloc
RtlUnwind
IsDebuggerPresent
GetLastError
SetEndOfFile
GetProcAddress
GetProcessHeap
ExitProcess
GlobalAlloc
GetUserDefaultLCID
WriteConsoleA
WriteFile
WideCharToMultiByte
ExitProcess
TerminateProcess
GetModuleHandleA
HeapFree
ReadFile
HeapSize
SetUnhandledExceptionFilter
InterlockedIncrement
UnhandledExceptionFilter
Sleep
HeapReAlloc
GetConsoleOutputCP
GetCPInfo
GetFullPathNameA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdd5c109e16fa94cd4d570c719da2fc7

Headers

File Characteristics

Imports

user32

rpcrt4

kernel32

shell32

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 348KB