2606c98654a91d247d5fd4cbcd461ba1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2606c98654a91d247d5fd4cbcd461ba1_JaffaCakes118
Size

184KB
MD5

2606c98654a91d247d5fd4cbcd461ba1
SHA1

93e7b4ec025f974847c1487ce5834b621889625c
SHA256

773635cd40ca27a0d376335629315dbe7ba0813d107eae62334cb3064d4b9884
SHA512

ee9f99c4c2642f55e89a3e9ab7c9a0e30574094339e98a2058b11e09adaf280ae04778ce673e42a3906dce5c61392334abd8655b689a4008c72126294c38dd15
SSDEEP

3072:e3T0AZhqZxhzZYM7MYucBtvtMsmEj7aT6nVkaAhdrH+fKsOeQ1Q5kuNPnTJx:elZ4PYvmrvtMsv3+5jIKsOe2Qa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2606c98654a91d247d5fd4cbcd461ba1_JaffaCakes118

Files

2606c98654a91d247d5fd4cbcd461ba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c231b16e65e79e9267d4bd988fdf0fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
CoInitialize
StringFromGUID2
CoUninitialize
CoCreateInstance
CoSetProxyBlanket

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

GetFileType
RtlUnwind
HeapCreate
GetTickCount
GetUserDefaultLCID
SetFilePointer
GetCurrentProcessId
GetStartupInfoA
GetACP
GetSystemTimeAsFileTime
GetThreadPriority
SetStdHandle
SetEndOfFile
CloseHandle
UnhandledExceptionFilter
VirtualAlloc
EnterCriticalSection
IsDebuggerPresent
VirtualFree
GlobalAlloc
GetConsoleOutputCP
GetModuleFileNameA
GetCurrentThreadId
GetCommandLineA
WriteConsoleW
GetModuleFileNameW
GetEnvironmentStringsW
GetProcAddress
SetCommTimeouts
EnumSystemLocalesA
GetOEMCP
WideCharToMultiByte
GetLastError
GetModuleHandleA
GetLocaleInfoW
HeapFree
QueryPerformanceCounter
InterlockedDecrement
ExitProcess
GetLocaleInfoA
LCMapStringA
LeaveCriticalSection
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
EnumResourceNamesA
HeapSize
TlsSetValue
InitializeCriticalSection
ReadFile
GetCurrentDirectoryW
TerminateProcess
GetConsoleMode
GetProcessHeap
GetStdHandle
HeapReAlloc
TlsFree
ExitProcess
LoadLibraryA
FlushFileBuffers
TlsGetValue
IsValidLocale
HeapDestroy
SetUnhandledExceptionFilter
Sleep
GetStringTypeW
GetCPInfo
SetLastError
GetStringTypeA
DeleteCriticalSection
FreeEnvironmentStringsW
GetVersionExA
HeapAlloc
GetConsoleCP
GetCurrentProcess
InterlockedIncrement
IsValidCodePage
GetEnvironmentStrings
CreateFileA
RaiseException
TlsAlloc
WriteFile
WriteConsoleA
SetHandleCount
GetFullPathNameW
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

shlwapi

SHDeleteKeyW

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c231b16e65e79e9267d4bd988fdf0fd

Headers

File Characteristics

Imports

ole32

shell32

kernel32

advapi32

user32

rpcrt4

shlwapi

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 216KB