30b20e27faf03463ea1d75b8c5b2cd8f_JaffaCakes118

General

Target

30b20e27faf03463ea1d75b8c5b2cd8f_JaffaCakes118
Size

177KB
MD5

30b20e27faf03463ea1d75b8c5b2cd8f
SHA1

3c5e1f5bf2477876b27b84d0a111340b663d1c56
SHA256

b2debcb1c356b1beb530362c396e98f732e7c4ba3b69b71ef238342f887a6205
SHA512

10317695955e7936d158a2f34a129e16c1c158648c001f5f76530e2fd2895a7e4d46b218d533596d3c768aae4d2e70d1644c7255cf769f7087da0aacfb617b19
SSDEEP

3072:r//c/hxonIb1gwGs+ol1MkdZtG0sR84bfxQAbFQjcTW7YMOTK8eef:jc/ToIbZGsXUaZY7zfGqQsI3bC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30b20e27faf03463ea1d75b8c5b2cd8f_JaffaCakes118

Files

30b20e27faf03463ea1d75b8c5b2cd8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d995bf56099ac59253b629326031a54a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

kernel32

EnterCriticalSection
WriteConsoleA
RaiseException
GetThreadPriority
SetUnhandledExceptionFilter
GetConsoleOutputCP
IsDebuggerPresent
Sleep
HeapReAlloc
InterlockedDecrement
CloseHandle
LCMapStringA
DeleteCriticalSection
WriteFile
GetLastError
ExitProcess
MultiByteToWideChar
SetEndOfFile
EnumSystemLocalesA
TerminateProcess
SetCommConfig
InterlockedIncrement
GetProcessHeap
WriteConsoleW
GetCurrentProcess
SetStdHandle
GetVersionExA
GetProcAddress
ReadFile
EnumResourceNamesA
UnhandledExceptionFilter
GetCPInfo
InitializeCriticalSection
IsValidCodePage
IsValidLocale
ExitProcess
HeapSize
GlobalAlloc
GetFullPathNameW
GetUserDefaultLCID
WideCharToMultiByte
HeapFree
GetCommandLineA
LCMapStringW
GetCurrentThreadId
GetModuleHandleA
RtlUnwind
GetModuleFileNameW
HeapAlloc
GetLocaleInfoW
LeaveCriticalSection
CreateFileA
GetCurrentDirectoryW
GetFullPathNameA

ole32

CoCreateGuid
StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize
CoSetProxyBlanket

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d995bf56099ac59253b629326031a54a

Headers

File Characteristics

Imports

advapi32

shell32

rpcrt4

user32

kernel32

ole32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 212KB