4214cfc1edcb0be0f895ac990d1d2b9e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4214cfc1edcb0be0f895ac990d1d2b9e_JaffaCakes118
Size

169KB
MD5

4214cfc1edcb0be0f895ac990d1d2b9e
SHA1

ab666b311c7463bc10783fabedc8b11ee9c0d1f9
SHA256

71322e850aedfdc844a2a65d1e5f71ee2dbae143f0110dd4d126842854b001bb
SHA512

acf17bf3fe29d764114cf2e0597ef19e80f4caab0d9aee602dadbeb77b84244b47d8ae03b19f416515e0c366f9ba6e37935ad6d8452258fb0dfe231a8e1498e6
SSDEEP

3072:GBBdqYCidtfSUtxyWvWqeW51QitD+oF6tx04So4n+zfYj213s5GDp7mUe+Os4G:GB3RjddBy7qlnQitfrTo4Qeq3JIpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4214cfc1edcb0be0f895ac990d1d2b9e_JaffaCakes118

Files

4214cfc1edcb0be0f895ac990d1d2b9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc8049d7d17bee373f4413fe86cd34a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shlwapi

SHDeleteKeyW

kernel32

GetSystemTimeAsFileTime
FlushFileBuffers
GetCurrentProcess
GetThreadPriority
HeapAlloc
TlsSetValue
HeapCreate
GetCurrentThreadId
LoadLibraryA
GetCPInfo
WriteConsoleA
TlsAlloc
SetHandleCount
UnhandledExceptionFilter
GetLastError
GetStringTypeW
GetVersionExA
GetStartupInfoA
InterlockedDecrement
TlsFree
SetStdHandle
GetModuleFileNameA
GetConsoleOutputCP
RaiseException
IsValidCodePage
GetCurrentProcessId
GetCommandLineA
SetCommTimeouts
GetUserDefaultLCID
LeaveCriticalSection
IsValidLocale
TerminateProcess
InitializeCriticalSection
MultiByteToWideChar
VirtualAlloc
CloseHandle
TlsGetValue
EnumResourceNamesA
GetStdHandle
GetStringTypeA
GetLocaleInfoA
GetModuleFileNameW
GetConsoleCP
GetACP
WideCharToMultiByte
GetCurrentDirectoryW
LCMapStringA
EnumSystemLocalesA
GetProcAddress
QueryPerformanceCounter
GetEnvironmentStrings
GetFullPathNameW
GetModuleHandleA
GetConsoleMode
DeleteCriticalSection
Sleep
LCMapStringW
SetUnhandledExceptionFilter
WriteConsoleW
SetLastError
EnterCriticalSection
HeapSize
GetEnvironmentStringsW
HeapFree
GetLocaleInfoW
GetTickCount
ExitProcess
WriteFile
FreeEnvironmentStringsW
RtlUnwind
InterlockedIncrement
FreeEnvironmentStringsA
SetEndOfFile
CreateFileA
GetProcessHeap
GetFileType
SetFilePointer
ExitProcess
IsDebuggerPresent
HeapDestroy
ReadFile
GetOEMCP
GlobalAlloc
HeapReAlloc
VirtualFree
GetFullPathNameA

ole32

CoCreateGuid
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CoSetProxyBlanket

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc8049d7d17bee373f4413fe86cd34a4

Headers

File Characteristics

Imports

user32

shell32

rpcrt4

advapi32

shlwapi

kernel32

ole32

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.crt
Size: 512B - Virtual size: 72KB