3e73b2a8ae041e287aaa4d57c145a3bc_JaffaCakes118

General

Target

3e73b2a8ae041e287aaa4d57c145a3bc_JaffaCakes118
Size

167KB
MD5

3e73b2a8ae041e287aaa4d57c145a3bc
SHA1

57d518c893e5fb45b1e870be5f601d26b4f62e6c
SHA256

6b26f5bcb1ec40bb68f4ef16e58395169a797dde47f22b590e8d6be40bb04578
SHA512

b1ea26e15dc8331ec139ee7ff260fe13812393a6f1019736ebe2c1b64b78c8f8e9d2fe8c9cdad7b3a30dff1b0a579d7872f61c7770185f5b7efe71f6aa6241ba
SSDEEP

3072:qyyo6juKPGg1YWARsG6sUv4zZdUIOFiUZdQZwch8Uj++Sq7:So6jjPGgtG24spvZ4wO8W+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e73b2a8ae041e287aaa4d57c145a3bc_JaffaCakes118

Files

3e73b2a8ae041e287aaa4d57c145a3bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5347180b99cde24615d06abb4a3f5adc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

kernel32

InterlockedIncrement
LCMapStringW
GetFullPathNameW
EnterCriticalSection
HeapFree
GetLocaleInfoW
GetProcAddress
GetCurrentThreadId
WriteConsoleA
GetThreadPriority
WriteConsoleW
CloseHandle
DeleteCriticalSection
TerminateProcess
ExitProcess
IsValidLocale
SetCommConfig
SetUnhandledExceptionFilter
SetEndOfFile
UnhandledExceptionFilter
HeapReAlloc
IsDebuggerPresent
InitializeCriticalSection
Sleep
GetCurrentDirectoryW
GetConsoleOutputCP
GetCommandLineA
GetUserDefaultLCID
GetLastError
HeapAlloc
InterlockedDecrement
EnumResourceNamesA
RtlUnwind
GetProcessHeap
GetVersionExA
WideCharToMultiByte
GetCPInfo
WriteFile
CreateFileA
ReadFile
ExitProcess
GetModuleHandleA
GetModuleFileNameW
SetStdHandle
GetCurrentProcess
GlobalAlloc
EnumSystemLocalesA
IsValidCodePage
LeaveCriticalSection
RaiseException
MultiByteToWideChar
HeapSize
LCMapStringA
GetFullPathNameA

ole32

CoUninitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoInitialize
CoSetProxyBlanket

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5347180b99cde24615d06abb4a3f5adc

Headers

File Characteristics

Imports

rpcrt4

advapi32

shell32

user32

kernel32

ole32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 27KB

.crt Size: 512B - Virtual size: 76KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 27KB

.crt
Size: 512B - Virtual size: 76KB