fa75bfed89874f57b1101ef05342a107_JaffaCakes118

General

Target

fa75bfed89874f57b1101ef05342a107_JaffaCakes118
Size

177KB
MD5

fa75bfed89874f57b1101ef05342a107
SHA1

c5af88cfec2500a7deae843fa78bb41426920652
SHA256

5b250c7204022918f7d513a2d0204d7750923f6afb8b4ce3f5e14a8bbefc4051
SHA512

4661422f23009326211d5da74d8608b5a5d31eb877e1c6906b21e6f5d0bfbdd49df4348acfc29e9c063dfd7307b2077aeb3a256478315dd08a265ca269686358
SSDEEP

3072:r//c/hxonIb1gwGs+ol1MkdZtG0sR84bfxQAbFQjcTW7YMOTK8eef:jc/ToIbZGsXUaZY7zfGqQsI3bC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa75bfed89874f57b1101ef05342a107_JaffaCakes118

Files

fa75bfed89874f57b1101ef05342a107_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d995bf56099ac59253b629326031a54a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

kernel32

EnterCriticalSection
WriteConsoleA
RaiseException
GetThreadPriority
SetUnhandledExceptionFilter
GetConsoleOutputCP
IsDebuggerPresent
Sleep
HeapReAlloc
InterlockedDecrement
CloseHandle
LCMapStringA
DeleteCriticalSection
WriteFile
GetLastError
ExitProcess
MultiByteToWideChar
SetEndOfFile
EnumSystemLocalesA
TerminateProcess
SetCommConfig
InterlockedIncrement
GetProcessHeap
WriteConsoleW
GetCurrentProcess
SetStdHandle
GetVersionExA
GetProcAddress
ReadFile
EnumResourceNamesA
UnhandledExceptionFilter
GetCPInfo
InitializeCriticalSection
IsValidCodePage
IsValidLocale
ExitProcess
HeapSize
GlobalAlloc
GetFullPathNameW
GetUserDefaultLCID
WideCharToMultiByte
HeapFree
GetCommandLineA
LCMapStringW
GetCurrentThreadId
GetModuleHandleA
RtlUnwind
GetModuleFileNameW
HeapAlloc
GetLocaleInfoW
LeaveCriticalSection
CreateFileA
GetCurrentDirectoryW
GetFullPathNameA

ole32

CoCreateGuid
StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize
CoSetProxyBlanket

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d995bf56099ac59253b629326031a54a

Headers

File Characteristics

Imports

advapi32

shell32

rpcrt4

user32

kernel32

ole32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 212KB