43c458db74417ef4a537243c95660832_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43c458db74417ef4a537243c95660832_JaffaCakes118
Size

192KB
MD5

43c458db74417ef4a537243c95660832
SHA1

edba6332de8d00d9e0708d309e2e5ec8eb31ac46
SHA256

a8f6badd8ca0a8224cb192605a110c07913dfc248c69c151e50a6f97f543bac7
SHA512

7968e93df84ac836d0e962e12611a4c1ee7f61dcc6fb63f459466249f07dd8895920366f63be50c9ddfef5e56c7b274bd8a88e03f873ffa80ee4a03d8a7cf7c4
SSDEEP

3072:MW5IJzFoJpEoZmq7xK+krIiP3Jzb9ym1RKzHzMK1RzVnOcwLsTEF27AK7pzQjX5:MWXJ6o1xKJcK53dTKzHD9BI8pzsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c458db74417ef4a537243c95660832_JaffaCakes118

Files

43c458db74417ef4a537243c95660832_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74b6df45c7f6834b3523cdab1ae56d0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoInitialize
CoCreateGuid
CoUninitialize
CoCreateInstance
CoSetProxyBlanket

rpcrt4

UuidCreate

shlwapi

SHDeleteKeyW

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

GetCPInfo
TerminateProcess
WideCharToMultiByte
TlsSetValue
InterlockedIncrement
WriteConsoleA
SetHandleCount
GetConsoleMode
GetStringTypeW
UnhandledExceptionFilter
SetFilePointer
GetConsoleCP
GetFileType
GetThreadPriority
WriteConsoleW
TlsAlloc
GetStdHandle
TlsGetValue
FreeEnvironmentStringsA
GetLocaleInfoA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTickCount
HeapCreate
GetCommandLineA
EnterCriticalSection
SetLastError
CloseHandle
HeapDestroy
FlushFileBuffers
GetEnvironmentStringsW
SetCommTimeouts
GetACP
GetModuleFileNameW
LoadLibraryA
HeapSize
Sleep
GetUserDefaultLCID
HeapReAlloc
LCMapStringW
IsDebuggerPresent
SetEndOfFile
HeapFree
GetCurrentProcess
GlobalAlloc
ReadFile
InterlockedDecrement
EnumResourceNamesA
HeapAlloc
GetCurrentDirectoryW
CreateFileA
GetStartupInfoA
VirtualAlloc
SetUnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
GetStringTypeA
GetCurrentThreadId
LeaveCriticalSection
GetLastError
GetOEMCP
ExitProcess
DeleteCriticalSection
EnumSystemLocalesA
TlsFree
GetVersionExA
GetCurrentProcessId
ExitProcess
GetLocaleInfoW
GetEnvironmentStrings
SetStdHandle
LCMapStringA
IsValidLocale
WriteFile
GetModuleHandleA
RaiseException
GetConsoleOutputCP
IsValidCodePage
GetProcAddress
GetFullPathNameW
MultiByteToWideChar
RtlUnwind
InitializeCriticalSection
VirtualFree
GetProcessHeap
GetFullPathNameA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74b6df45c7f6834b3523cdab1ae56d0f

Headers

File Characteristics

Imports

ole32

rpcrt4

shlwapi

user32

shell32

advapi32

kernel32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 88KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 88KB