3bfc60825d0e7867bd39cbca9b643f14_JaffaCakes118

General

Target

3bfc60825d0e7867bd39cbca9b643f14_JaffaCakes118
Size

177KB
MD5

3bfc60825d0e7867bd39cbca9b643f14
SHA1

b77ee7eac29cb6db96f0cf58773045f0656f0112
SHA256

683968cec65e5ffb7ba0c02188b835990c6377d177176390ad067a185b13877b
SHA512

372b28d0bf8fc29db0b7e70c572f43225eab24d1eb45da6a2d839d949b232430717b512369f3ecea909799e35cd4a1559197ee3f664ff81ebf0ee5bf1594a055
SSDEEP

3072:kwOOZgfxSakCssabmOWbX3hjQ5+KK8KJ/laxBpHtMu3fcOUrDJrL:JdZgpTko73ZQ5/K8KJ4xBLM+fL8Jr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bfc60825d0e7867bd39cbca9b643f14_JaffaCakes118

Files

3bfc60825d0e7867bd39cbca9b643f14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2025f10eedb88dfd9fada83364c74d99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

user32

GetClassLongA
MessageBoxW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

HeapReAlloc
GetUserDefaultLCID
InterlockedIncrement
GetLastError
GetLocaleInfoW
GetThreadPriority
GetCPInfo
IsValidCodePage
GetModuleFileNameW
DeleteCriticalSection
CreateFileA
GetFullPathNameW
IsDebuggerPresent
TerminateProcess
SetCommConfig
GlobalAlloc
HeapFree
EnterCriticalSection
WriteConsoleW
GetCurrentThreadId
RtlUnwind
GetProcAddress
ReadFile
GetCurrentDirectoryW
EnumResourceNamesA
LeaveCriticalSection
SetUnhandledExceptionFilter
GetConsoleOutputCP
IsValidLocale
InitializeCriticalSection
RaiseException
GetProcessHeap
ExitProcess
HeapSize
WriteFile
SetStdHandle
WriteConsoleA
EnumSystemLocalesA
WideCharToMultiByte
GetVersionExA
ExitProcess
SetEndOfFile
GetCurrentProcess
HeapAlloc
LCMapStringA
UnhandledExceptionFilter
Sleep
GetModuleHandleA
CloseHandle
LCMapStringW
InterlockedDecrement
MultiByteToWideChar
GetCommandLineA
GetFullPathNameA

ole32

CoUninitialize
CoInitialize
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoSetProxyBlanket

rpcrt4

UuidCreate

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2025f10eedb88dfd9fada83364c74d99

Headers

File Characteristics

Imports

advapi32

user32

shell32

kernel32

ole32

rpcrt4

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 29KB - Virtual size: 28KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 29KB - Virtual size: 28KB

.crt
Size: 512B - Virtual size: 348KB