e17364d5e8c2488aebdefadca710d210_JaffaCakes118

General

Target

e17364d5e8c2488aebdefadca710d210_JaffaCakes118
Size

182KB
MD5

e17364d5e8c2488aebdefadca710d210
SHA1

eaf56d5c4a7b87728d9c81315365f4dd214d2be8
SHA256

2cfa36b612179388444c42685aa9c8696d2ebffdb857f5e7d374f216129792e4
SHA512

bc50685fa3d07fe743da81a0d9a1e94f5f51d754ffe13ba89549a75097c64d0defc54e796877d4f2fdf2d79aab83155af16ce4801719c3f650287e8cd4aece27
SSDEEP

3072:uzGFkiN7wMeIzxtmugbR4GOBt9Iqu5Q6zN98FxN0wqmOMrq236stAoZdVqR5A/mE:EG9N7wMeIVMuuz0t9Iq4SxCEOMe2KILt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e17364d5e8c2488aebdefadca710d210_JaffaCakes118

Files

e17364d5e8c2488aebdefadca710d210_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bc6aef624f8760e86a10b5add0ae400

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

ReadFile
GetCPInfo
GetUserDefaultLCID
CloseHandle
Sleep
GetThreadPriority
GetCurrentThreadId
IsValidLocale
GetLocaleInfoW
DeleteCriticalSection
ExitProcess
GetModuleHandleA
UnhandledExceptionFilter
InitializeCriticalSection
SetUnhandledExceptionFilter
HeapSize
LCMapStringW
SetCommConfig
GetVersionExA
EnterCriticalSection
HeapAlloc
GetModuleFileNameW
GetConsoleOutputCP
EnumResourceNamesA
TerminateProcess
GetProcAddress
EnumSystemLocalesA
HeapReAlloc
RtlUnwind
SetStdHandle
RaiseException
GetProcessHeap
ExitProcess
CreateFileA
GlobalAlloc
LeaveCriticalSection
GetCurrentProcess
InterlockedIncrement
LCMapStringA
WideCharToMultiByte
GetCurrentDirectoryW
InterlockedDecrement
WriteFile
IsValidCodePage
GetFullPathNameW
WriteConsoleW
HeapFree
MultiByteToWideChar
GetLastError
IsDebuggerPresent
GetCommandLineA
SetEndOfFile
WriteConsoleA
GetFullPathNameA

ole32

CoCreateInstance
CoUninitialize
CoCreateGuid
CoInitialize
StringFromGUID2
CoSetProxyBlanket

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bc6aef624f8760e86a10b5add0ae400

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

shell32

rpcrt4

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 216KB