3c91841c7ccb775b04f17ff984721319_JaffaCakes118

General

Target

3c91841c7ccb775b04f17ff984721319_JaffaCakes118
Size

168KB
MD5

3c91841c7ccb775b04f17ff984721319
SHA1

7a37a7abdacd922764dd696949393279c6b1cf98
SHA256

6f9fcaa85ba779c80e98688c4a8ceb0d2a89679b2e0037bad1013a6ccfe36ff3
SHA512

2ed8840610a21cb024f8e022904884f888bd5d3122ae254ad859cc271a1e439b1161e2b4dfecff64d492f184763b0e2ad101698eff9011b2e6a94d86e11f30fd
SSDEEP

3072:hTtdyCBUAgafWE20tlow3LDx1GhuyZrALlooytHBDeZd3c:hjy27fWwtL7Dx1G1ZkLlooyzDUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c91841c7ccb775b04f17ff984721319_JaffaCakes118

Files

3c91841c7ccb775b04f17ff984721319_JaffaCakes118
.exe windows:4 windows x86 arch:x86

891af9e743fcc4c7341b54ed1da52631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnumSystemLocalesA
GlobalAlloc
WriteConsoleA
GetCurrentDirectoryW
LeaveCriticalSection
UnhandledExceptionFilter
GetThreadPriority
InterlockedDecrement
Sleep
WideCharToMultiByte
SetCommConfig
GetLastError
GetLocaleInfoW
WriteConsoleW
LCMapStringW
GetCurrentThreadId
ReadFile
SetStdHandle
GetConsoleOutputCP
IsDebuggerPresent
EnumResourceNamesA
CloseHandle
HeapSize
RaiseException
GetFullPathNameW
WriteFile
EnterCriticalSection
HeapFree
CreateFileA
SetEndOfFile
InterlockedIncrement
RtlUnwind
GetProcAddress
SetUnhandledExceptionFilter
MultiByteToWideChar
IsValidCodePage
LCMapStringA
GetUserDefaultLCID
ExitProcess
ExitProcess
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetVersionExA
HeapAlloc
GetCPInfo
GetModuleFileNameW
GetProcessHeap
GetModuleHandleA
IsValidLocale
GetCommandLineA
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

rpcrt4

UuidCreate

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

891af9e743fcc4c7341b54ed1da52631

Headers

File Characteristics

Imports

shell32

user32

kernel32

advapi32

rpcrt4

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 72KB