cef48e5641250c596ce7d6e11d26b8f7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cef48e5641250c596ce7d6e11d26b8f7_JaffaCakes118
Size

185KB
MD5

cef48e5641250c596ce7d6e11d26b8f7
SHA1

7e0b96f17fd0cf008fb8e1b7e3ecc8ddaff4d499
SHA256

bd401ead48f51850e609c016fe7d5b6a30da3fe0912233aacb4de564aeff3c55
SHA512

7e2435cdd81bf63800b8772e55194e35eff2819242d0d6d1195c3ab8e5a76c3bf7876dfbe0968c329ab6734c799cf056f6f4f9b944a1db41e6d563abe8cc8445
SSDEEP

3072:60eAvneRSCsLuHuhwBou1RcBeBoulQHwtdsEY0ecXQNVtNvUEk/AG0LU7Zs9:ZHeRS/LuHHFRKstoW6BcXQNVPUD/GU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cef48e5641250c596ce7d6e11d26b8f7_JaffaCakes118

Files

cef48e5641250c596ce7d6e11d26b8f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93ef26babc3c076b20d443b1a6afc381

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

SHDeleteKeyW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

GetACP
GetCurrentDirectoryW
UnhandledExceptionFilter
GetModuleFileNameA
SetFilePointer
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetThreadPriority
WriteFile
HeapSize
ReadFile
LeaveCriticalSection
GetCurrentThreadId
LCMapStringA
GlobalAlloc
GetStringTypeW
DeleteCriticalSection
LCMapStringW
TlsGetValue
SetCommTimeouts
GetOEMCP
SetLastError
SetHandleCount
MultiByteToWideChar
GetProcAddress
GetLocaleInfoA
GetTickCount
HeapReAlloc
SetStdHandle
CreateFileA
GetModuleFileNameW
SetEndOfFile
FreeEnvironmentStringsA
TlsFree
GetFileType
RtlUnwind
GetConsoleCP
GetConsoleOutputCP
GetCurrentProcess
HeapAlloc
VirtualFree
GetLastError
LoadLibraryA
HeapFree
Sleep
HeapDestroy
InitializeCriticalSection
EnumResourceNamesA
TlsSetValue
GetStdHandle
GetEnvironmentStrings
WriteConsoleW
HeapCreate
VirtualAlloc
GetCurrentProcessId
ExitProcess
EnterCriticalSection
InterlockedDecrement
GetCommandLineA
TerminateProcess
ExitProcess
WriteConsoleA
RaiseException
InterlockedIncrement
GetUserDefaultLCID
IsValidCodePage
GetStringTypeA
CloseHandle
EnumSystemLocalesA
GetStartupInfoA
GetSystemTimeAsFileTime
IsDebuggerPresent
FlushFileBuffers
GetModuleHandleA
FreeEnvironmentStringsW
GetFullPathNameW
WideCharToMultiByte
GetVersionExA
TlsAlloc
IsValidLocale
GetConsoleMode
GetLocaleInfoW
GetProcessHeap
GetCPInfo
QueryPerformanceCounter
GetFullPathNameA

ole32

CoInitialize
CoCreateGuid
StringFromGUID2
CoUninitialize
CoCreateInstance
CoSetProxyBlanket

rpcrt4

UuidCreate

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93ef26babc3c076b20d443b1a6afc381

Headers

File Characteristics

Imports

user32

advapi32

shlwapi

shell32

kernel32

ole32

rpcrt4

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 216KB