2ee8dd74d46404b642d8217d14611402_JaffaCakes118

General

Target

2ee8dd74d46404b642d8217d14611402_JaffaCakes118
Size

168KB
MD5

2ee8dd74d46404b642d8217d14611402
SHA1

09d4cf1eda449eb01a2f584458e1bfd01c30c759
SHA256

6ca507d33181b416cd934147d525fcb28a3174eb1742593cee23b9b52f89bcfb
SHA512

c469ec51b81d78e6e45e94c22b04f37c708a9430e9e203260884ac2e4031482b9131f55a6b91e13d30ad4f6430735c2fdbf2323ef4d0d0e74b4dc364b6dced5b
SSDEEP

3072:mpEW4D+UfOh7BuAgTIbAQDc1lE9mdZ93cfNdS9QF0B3N8p:7D9fw7Bu4AfbE9mdZJcfNdS9dB3Op

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ee8dd74d46404b642d8217d14611402_JaffaCakes118

Files

2ee8dd74d46404b642d8217d14611402_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff0c55630430f4952097e4158c2c9a8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassLongA
MessageBoxW

kernel32

EnterCriticalSection
UnhandledExceptionFilter
Sleep
GetUserDefaultLCID
GetConsoleOutputCP
GetThreadPriority
InitializeCriticalSection
GetCurrentProcess
RtlUnwind
InterlockedIncrement
InterlockedDecrement
HeapFree
GetCurrentDirectoryW
SetCommConfig
EnumSystemLocalesA
ReadFile
IsValidCodePage
HeapReAlloc
GetLastError
GetProcessHeap
GetProcAddress
WriteConsoleA
CreateFileA
RaiseException
LCMapStringA
GetLocaleInfoW
LCMapStringW
DeleteCriticalSection
HeapAlloc
WriteConsoleW
CloseHandle
EnumResourceNamesA
IsValidLocale
GetCPInfo
GetModuleFileNameW
GetCommandLineA
GlobalAlloc
ExitProcess
MultiByteToWideChar
ExitProcess
IsDebuggerPresent
HeapSize
SetStdHandle
SetUnhandledExceptionFilter
WriteFile
LeaveCriticalSection
SetEndOfFile
TerminateProcess
GetVersionExA
GetModuleHandleA
GetCurrentThreadId
GetFullPathNameW
WideCharToMultiByte
GetFullPathNameA

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoSetProxyBlanket

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0c55630430f4952097e4158c2c9a8c

Headers

File Characteristics

Imports

user32

kernel32

rpcrt4

advapi32

shell32

ole32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 17KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 17KB

.crt
Size: 512B - Virtual size: 68KB