d0e80c4b4542e7efe2ff13d7d0dfcf29_JaffaCakes118

General

Target

d0e80c4b4542e7efe2ff13d7d0dfcf29_JaffaCakes118
Size

182KB
MD5

d0e80c4b4542e7efe2ff13d7d0dfcf29
SHA1

a70dc9e0418a77459d5127369311ab553c136767
SHA256

ab8a3af4483116637352810e2b7033548337b2bd796e9fe48017f2acf8b74907
SHA512

31a2e3ba04e3aac3ea1d6676ad880d137669cf45bc66799fc9e303a0b64f2eab8ad58a547ecb7c30be0dffe78de800ccbcfe14df8a304f1ea7e2cac7c5a57da2
SSDEEP

3072:3gjcHBfqaePyO1vEwgIsoRziN9KEDCARg5bq6K/qqgS2f:3k6VNePyTwvTON9KEG5cqqgSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0e80c4b4542e7efe2ff13d7d0dfcf29_JaffaCakes118

Files

d0e80c4b4542e7efe2ff13d7d0dfcf29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbb3f3a23aaba81f59e84f54487e300a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetThreadPriority
EnterCriticalSection
GetCPInfo
GetCurrentDirectoryW
HeapAlloc
GetCurrentThreadId
GetConsoleOutputCP
InitializeCriticalSection
GetModuleHandleA
Sleep
HeapFree
UnhandledExceptionFilter
HeapReAlloc
LCMapStringW
SetUnhandledExceptionFilter
PurgeComm
GetCommandLineA
WideCharToMultiByte
HeapSize
EnumSystemLocalesA
GetProcessHeap
WriteConsoleW
RaiseException
GetLocaleInfoW
WriteConsoleA
IsDebuggerPresent
SetEndOfFile
EnumResourceNamesA
InterlockedIncrement
ReadFile
GetVersionExA
IsValidCodePage
GetFullPathNameW
ExitProcess
TerminateProcess
WriteFile
DeleteCriticalSection
IsValidLocale
GlobalAlloc
SetStdHandle
GetLastError
CloseHandle
CreateFileA
MultiByteToWideChar
ExitProcess
GetCurrentProcess
RtlUnwind
GetUserDefaultLCID
GetModuleFileNameW
LeaveCriticalSection
LCMapStringA
InterlockedDecrement
GetProcAddress
GetFullPathNameA

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbb3f3a23aaba81f59e84f54487e300a

Headers

File Characteristics

Imports

kernel32

rpcrt4

user32

shell32

advapi32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 216KB