ec22dfc43dd72912b1a5428daf0bf137_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ec22dfc43dd72912b1a5428daf0bf137_JaffaCakes118
Size

176KB
MD5

ec22dfc43dd72912b1a5428daf0bf137
SHA1

e7e9c0cfc08807688c6372dec3c37b19be92ee60
SHA256

ee1d85f6bcb8090ac766f0782d7be28153a8851899f4d23c81800a97abd68fcf
SHA512

ccb660fbaa3391754fc303e82f29181725a77db93bcf7f54a8d3d95d1b14e8c4229a36ef9ad9f2b313b70022759a7bf7e8bbeb172030d37620d2f31c48d31daf
SSDEEP

3072:ZHoI8+WdjePaA1q1WMC0XWuUKXK+kW3wVaY+Z4XFc5zItnwog:BoI8BYaA1qv3mB9vJZ0inLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec22dfc43dd72912b1a5428daf0bf137_JaffaCakes118

Files

ec22dfc43dd72912b1a5428daf0bf137_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bb6145e9c48d1795306008d1fb987e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

kernel32

Sleep
InitializeCriticalSection
GetCurrentProcessId
HeapSize
WriteConsoleA
GetStringTypeA
IsValidCodePage
GetFileType
TlsSetValue
GetTickCount
GetCurrentThreadId
HeapAlloc
GetProcessHeap
LCMapStringA
GetThreadPriority
GetConsoleCP
GetFullPathNameW
GetACP
SetCommTimeouts
CloseHandle
QueryPerformanceCounter
GetEnvironmentStrings
WideCharToMultiByte
CreateFileA
GetEnvironmentStringsW
GetProcAddress
GetConsoleOutputCP
VirtualFree
GetLocaleInfoA
GetCurrentDirectoryW
HeapDestroy
LCMapStringW
GetLastError
SetLastError
RaiseException
TlsFree
MultiByteToWideChar
EnumResourceNamesA
FreeEnvironmentStringsA
VirtualAlloc
TlsGetValue
GlobalAlloc
GetModuleFileNameW
GetSystemTimeAsFileTime
InterlockedDecrement
HeapCreate
GetModuleHandleA
FreeEnvironmentStringsW
FlushFileBuffers
HeapFree
GetCommandLineA
GetUserDefaultLCID
LoadLibraryA
ExitProcess
ExitProcess
IsDebuggerPresent
GetModuleFileNameA
WriteFile
SetStdHandle
ReadFile
UnhandledExceptionFilter
DeleteCriticalSection
EnumSystemLocalesA
SetHandleCount
GetOEMCP
GetStdHandle
GetStringTypeW
EnterCriticalSection
TlsAlloc
SetFilePointer
SetUnhandledExceptionFilter
RtlUnwind
TerminateProcess
GetConsoleMode
InterlockedIncrement
SetEndOfFile
WriteConsoleW
HeapReAlloc
IsValidLocale
GetCPInfo
LeaveCriticalSection
GetCurrentProcess
GetVersionExA
GetLocaleInfoW
GetStartupInfoA
GetFullPathNameA

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shlwapi

SHDeleteKeyW

ole32

CoCreateGuid
CoCreateInstance
CoUninitialize
StringFromGUID2
CoInitialize
CoSetProxyBlanket

rpcrt4

UuidCreate

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bb6145e9c48d1795306008d1fb987e0

Headers

File Characteristics

Imports

user32

shell32

kernel32

advapi32

shlwapi

ole32

rpcrt4

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 22KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 22KB

.crt
Size: 512B - Virtual size: 212KB