2a80e81ce38c30db2d563088222a9aec_JaffaCakes118

General

Target

2a80e81ce38c30db2d563088222a9aec_JaffaCakes118
Size

190KB
MD5

2a80e81ce38c30db2d563088222a9aec
SHA1

e903d16871f03320855156b10664f0c5abc4d729
SHA256

7e1e215a902635903ca4b9cd4e983ebaf61e50a9a55cd3e0436f6b52944c48d0
SHA512

657dc041615a4408d375632c5bc3df40fb29fb78118507c0fe4d6631a6270c01e781a30cc43dcc7c72b356dcbd6bfa4b478abbbee929a6bf8c1bd22a8a10aa32
SSDEEP

3072:TyfapWgRIZkQxJ94z0I8oRJw0915GSLjp3uxeMvV1FW2EeQ1G571NkRHxVk+2uvD:Tyfaqa6yzrt15GcpmeEVm2EVKZNkRHxD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a80e81ce38c30db2d563088222a9aec_JaffaCakes118

Files

2a80e81ce38c30db2d563088222a9aec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3eb9842cc7a7fc6b37cdc14caa8103f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
IsDebuggerPresent
GetShortPathNameA
IsBadReadPtr
GetLastError
InterlockedExchange
ExitProcess
GetModuleHandleA
QueryPerformanceCounter
GetProcessHandleCount
CreateFileA
WideCharToMultiByte
GetTickCount
GetProcAddress
GetThreadLocale
InterlockedDecrement
GetACP
EnterCriticalSection
EnumResourceTypesA
InterlockedIncrement
lstrlenW
LocalFree
FreeLibrary
GetCurrentThreadId
GetLocaleInfoA
GetFileAttributesA
CloseHandle
LoadLibraryA
InitializeCriticalSection
GetCurrentProcessId
lstrlenA
IsBadWritePtr
LeaveCriticalSection
UnhandledExceptionFilter
MultiByteToWideChar
GetSystemTimeAsFileTime
DeleteCriticalSection
GetVersionExA

ole32

StgCreateDocfile
StgOpenStorage

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

user32

wsprintfA
wsprintfW

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3eb9842cc7a7fc6b37cdc14caa8103f5

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

shell32

setupapi

user32

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 76KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 76KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 116KB