fa0d1f8354b983cc99e273925225ea5b_JaffaCakes118

General

Target

fa0d1f8354b983cc99e273925225ea5b_JaffaCakes118
Size

169KB
MD5

fa0d1f8354b983cc99e273925225ea5b
SHA1

b8a9bfa10d64d6269465ac6bef67d870107290a0
SHA256

45f04e37b8fa676b061a19351ba97d0406068f4e310c894657efb08d1de440dd
SHA512

2838118e18f3e9f720c677574a4d468a958e73ea386e5e3c9ecda503b994912582d2006e27ee3689522f262e5136ff9d17855c066b505f740244ca31cb835607
SSDEEP

3072:wt1bafFbpOm89og6VaDjDQuOh8Y+TGgvDPXQOXBN2xQpZ0/K7p0HOXMs:k+dbg5IaffY+TjDPXQOD2xQD0/K7p0uf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0d1f8354b983cc99e273925225ea5b_JaffaCakes118

Files

fa0d1f8354b983cc99e273925225ea5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8b93111c5c614977c6a9a2f6558c665

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

GetCommandLineA
WriteConsoleW
WideCharToMultiByte
GetThreadPriority
WriteConsoleA
LCMapStringA
GetModuleHandleA
GetCurrentThreadId
CloseHandle
GetConsoleOutputCP
GetCurrentProcess
SetUnhandledExceptionFilter
SetEndOfFile
GetLastError
SetCommConfig
GetProcessHeap
InterlockedDecrement
WriteFile
GetProcAddress
TerminateProcess
HeapSize
EnterCriticalSection
GetUserDefaultLCID
UnhandledExceptionFilter
IsValidCodePage
IsValidLocale
DeleteCriticalSection
LCMapStringW
GetVersionExA
EnumResourceNamesA
GetModuleFileNameW
GetCPInfo
InterlockedIncrement
CreateFileA
IsDebuggerPresent
MultiByteToWideChar
HeapFree
ExitProcess
ExitProcess
ReadFile
EnumSystemLocalesA
HeapReAlloc
HeapAlloc
RtlUnwind
GetLocaleInfoW
SetStdHandle
GetCurrentDirectoryW
GlobalAlloc
LeaveCriticalSection
GetFullPathNameW
RaiseException
Sleep
InitializeCriticalSection
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8b93111c5c614977c6a9a2f6558c665

Headers

File Characteristics

Imports

advapi32

kernel32

user32

shell32

rpcrt4

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 20KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 20KB

.crt
Size: 512B - Virtual size: 68KB