2f3a1c7a94a9e5771f1020ed3a9cbb10_JaffaCakes118

General

Target

2f3a1c7a94a9e5771f1020ed3a9cbb10_JaffaCakes118
Size

178KB
MD5

2f3a1c7a94a9e5771f1020ed3a9cbb10
SHA1

d257eb48c489a451283b09df0c71b657a289cfea
SHA256

6a220da984f99837aa7b824c1e376600e72ee1d15afa44b098bd44f28978a8c1
SHA512

21c9dcecd20e9104f570befcdbb695a6c6df27482e71b37847d35b2f0304158e5dca2a56a6d31ad57a283ff8f80a7e050a0ab0958a794630421341657d94b0d3
SSDEEP

3072:tE/olWhBJFXFFag42auhQTt/srmzj1YbTny6nPRtaYZzi:C/oU1FVQp21hQTt/NCbTny6ptbZzi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3a1c7a94a9e5771f1020ed3a9cbb10_JaffaCakes118

Files

2f3a1c7a94a9e5771f1020ed3a9cbb10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f226358703517ddab4756828f56bf0ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
CoCreateGuid
CoInitialize
CoSetProxyBlanket

rpcrt4

UuidCreate

kernel32

Sleep
GetThreadPriority
GetFullPathNameW
MultiByteToWideChar
IsValidCodePage
DeleteCriticalSection
CreateFileA
HeapReAlloc
GetModuleHandleA
InterlockedIncrement
TerminateProcess
InterlockedDecrement
GetConsoleOutputCP
HeapSize
GlobalAlloc
RaiseException
GetProcAddress
EnumSystemLocalesA
WideCharToMultiByte
SetCommConfig
EnterCriticalSection
InitializeCriticalSection
EnumResourceNamesA
WriteConsoleW
GetUserDefaultLCID
SetUnhandledExceptionFilter
IsValidLocale
GetCurrentProcess
SetStdHandle
GetCommandLineA
GetModuleFileNameW
GetProcessHeap
ExitProcess
IsDebuggerPresent
SetEndOfFile
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
ReadFile
WriteFile
RtlUnwind
HeapFree
WriteConsoleA
CloseHandle
HeapAlloc
GetCurrentDirectoryW
LeaveCriticalSection
LCMapStringW
ExitProcess
GetVersionExA
GetLastError
LCMapStringA
GetCurrentThreadId
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f226358703517ddab4756828f56bf0ed

Headers

File Characteristics

Imports

shell32

advapi32

ole32

rpcrt4

kernel32

user32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 348KB