5200882c79e90b146fa21c584c64eb8e_JaffaCakes118

General

Target

5200882c79e90b146fa21c584c64eb8e_JaffaCakes118
Size

178KB
MD5

5200882c79e90b146fa21c584c64eb8e
SHA1

dae288585d3b6f0495cf82ffeb9f1f88409ba37f
SHA256

77b46d6cc24637b78062bbd800c9f9b09bffa164ef3dc71bbd8a94f0e67295ef
SHA512

433fac9ad4705ec0346cfc944dcf7b463189742d3236e9628c62adfe9e921415b3a1275e06f7b7626ee865e0885a83ca148a366713f109d4fbe3ff44608b44cf
SSDEEP

3072:115VVdZedtq4IFmlOaoT5iJkwMbL4hUiAZ7s/vcVebz48jMfEwwn3H5hL9wDSqax:LatOF3aoTtohytAbz4/fEww3Hr94Nxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5200882c79e90b146fa21c584c64eb8e_JaffaCakes118

Files

5200882c79e90b146fa21c584c64eb8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fbc1a3d438bb6692f6710e4f51db60f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

kernel32

LCMapStringW
DeleteCriticalSection
MultiByteToWideChar
GetThreadPriority
RtlUnwind
UnhandledExceptionFilter
GetCurrentDirectoryW
LCMapStringA
GetLastError
IsDebuggerPresent
EnterCriticalSection
GetModuleFileNameW
GetProcessHeap
ExitProcess
PurgeComm
InitializeCriticalSection
HeapReAlloc
HeapSize
EnumSystemLocalesA
HeapAlloc
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
GetFullPathNameW
RaiseException
InterlockedIncrement
TerminateProcess
GetUserDefaultLCID
GetLocaleInfoW
GetConsoleOutputCP
EnumResourceNamesA
InterlockedDecrement
WriteConsoleW
GetCPInfo
GetCommandLineA
WideCharToMultiByte
HeapFree
LeaveCriticalSection
ExitProcess
GlobalAlloc
IsValidCodePage
SetEndOfFile
ReadFile
GetProcAddress
IsValidLocale
GetCurrentThreadId
GetVersionExA
WriteConsoleA
GetModuleHandleA
SetStdHandle
CreateFileA
Sleep
CloseHandle
GetFullPathNameA

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fbc1a3d438bb6692f6710e4f51db60f

Headers

File Characteristics

Imports

shell32

rpcrt4

advapi32

user32

kernel32

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 25KB - Virtual size: 25KB

.crt Size: 512B - Virtual size: 344KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 25KB - Virtual size: 25KB

.crt
Size: 512B - Virtual size: 344KB