559f342855ddf77f5d52ca6a2bc1e72b_JaffaCakes118

General

Target

559f342855ddf77f5d52ca6a2bc1e72b_JaffaCakes118
Size

167KB
MD5

559f342855ddf77f5d52ca6a2bc1e72b
SHA1

a587cb60c83d1fefa95b8b9e85d692410b73a984
SHA256

a1fbe5eecf858841d284398f1f09629214277c2911470a2f6aacb7d3cc3e8df2
SHA512

988187ccf123ed1cdacc61846ea0d62c6ccf42df43191f547e5378a93361a13f974348744203aa153b7639913115d794915b91ed47b24adb976bb02410ddc1ad
SSDEEP

3072:qyyo6juKPGg1YWARsG6sUv4zZdUIOFiUZdQZwch8Uj++Sq7:So6jjPGgtG24spvZ4wO8W+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
559f342855ddf77f5d52ca6a2bc1e72b_JaffaCakes118

Files

559f342855ddf77f5d52ca6a2bc1e72b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5347180b99cde24615d06abb4a3f5adc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

kernel32

InterlockedIncrement
LCMapStringW
GetFullPathNameW
EnterCriticalSection
HeapFree
GetLocaleInfoW
GetProcAddress
GetCurrentThreadId
WriteConsoleA
GetThreadPriority
WriteConsoleW
CloseHandle
DeleteCriticalSection
TerminateProcess
ExitProcess
IsValidLocale
SetCommConfig
SetUnhandledExceptionFilter
SetEndOfFile
UnhandledExceptionFilter
HeapReAlloc
IsDebuggerPresent
InitializeCriticalSection
Sleep
GetCurrentDirectoryW
GetConsoleOutputCP
GetCommandLineA
GetUserDefaultLCID
GetLastError
HeapAlloc
InterlockedDecrement
EnumResourceNamesA
RtlUnwind
GetProcessHeap
GetVersionExA
WideCharToMultiByte
GetCPInfo
WriteFile
CreateFileA
ReadFile
ExitProcess
GetModuleHandleA
GetModuleFileNameW
SetStdHandle
GetCurrentProcess
GlobalAlloc
EnumSystemLocalesA
IsValidCodePage
LeaveCriticalSection
RaiseException
MultiByteToWideChar
HeapSize
LCMapStringA
GetFullPathNameA

ole32

CoUninitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoInitialize
CoSetProxyBlanket

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5347180b99cde24615d06abb4a3f5adc

Headers

File Characteristics

Imports

rpcrt4

advapi32

shell32

user32

kernel32

ole32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 27KB

.crt Size: 512B - Virtual size: 76KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 27KB

.crt
Size: 512B - Virtual size: 76KB