d52e6e52485008f1df333c279c368783_JaffaCakes118

General

Target

d52e6e52485008f1df333c279c368783_JaffaCakes118
Size

178KB
MD5

d52e6e52485008f1df333c279c368783
SHA1

5e8d9f961d5a598f8cf2d834bbb1218d48b67298
SHA256

e0dcd3b33e78147ec3c91bb889064ff109c4544280e03c03c95d3118fd9a7601
SHA512

593d2385de7dde1e59e69f7d02bb4c2c43f5c62ed30101a3877ca5853650f67b635a3342b2cca06728b017ecbe5d261078474156c58fba78bb8336c1c546f8a5
SSDEEP

3072:115VVdZedtq4IFmlOaoT5iJkwMbL4hUiAZ7s/vcVebz48jMfEwwn3H5hL9wDSqax:LatOF3aoTtohytAbz4/fEww3Hr94Nxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d52e6e52485008f1df333c279c368783_JaffaCakes118

Files

d52e6e52485008f1df333c279c368783_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fbc1a3d438bb6692f6710e4f51db60f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

kernel32

LCMapStringW
DeleteCriticalSection
MultiByteToWideChar
GetThreadPriority
RtlUnwind
UnhandledExceptionFilter
GetCurrentDirectoryW
LCMapStringA
GetLastError
IsDebuggerPresent
EnterCriticalSection
GetModuleFileNameW
GetProcessHeap
ExitProcess
PurgeComm
InitializeCriticalSection
HeapReAlloc
HeapSize
EnumSystemLocalesA
HeapAlloc
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
GetFullPathNameW
RaiseException
InterlockedIncrement
TerminateProcess
GetUserDefaultLCID
GetLocaleInfoW
GetConsoleOutputCP
EnumResourceNamesA
InterlockedDecrement
WriteConsoleW
GetCPInfo
GetCommandLineA
WideCharToMultiByte
HeapFree
LeaveCriticalSection
ExitProcess
GlobalAlloc
IsValidCodePage
SetEndOfFile
ReadFile
GetProcAddress
IsValidLocale
GetCurrentThreadId
GetVersionExA
WriteConsoleA
GetModuleHandleA
SetStdHandle
CreateFileA
Sleep
CloseHandle
GetFullPathNameA

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fbc1a3d438bb6692f6710e4f51db60f

Headers

File Characteristics

Imports

shell32

rpcrt4

advapi32

user32

kernel32

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 25KB - Virtual size: 25KB

.crt Size: 512B - Virtual size: 344KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 25KB - Virtual size: 25KB

.crt
Size: 512B - Virtual size: 344KB