f9de8d71580b053a83777c28dd26142f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9de8d71580b053a83777c28dd26142f_JaffaCakes118
Size

172KB
MD5

f9de8d71580b053a83777c28dd26142f
SHA1

a34ea9cac98bd9faf74b07a06cd2583eddd20cdc
SHA256

be548ab1807ed68394949e77d02f90f16e1e04caa6a59b6b16cb728fb2c420ec
SHA512

a9c84b315cfcb4fca1d94115b0545ec8918a6e0e70189051e420da4ba58786d55674b514127925c51850e2d69c0b006a808b9f917c8f4d6ddbe53cbe565938ab
SSDEEP

3072:VCF6f1P8S92LGWuko2kr+1GA20i2tU/z6qJP2Pqb6ot5PLLtK9jpduIvR:VCF6+tCJkop+0A/kBPiq5t5PLRK97bR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9de8d71580b053a83777c28dd26142f_JaffaCakes118

Files

f9de8d71580b053a83777c28dd26142f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd568f8f388261cf266dc57d0045fa37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
MessageBoxW

shlwapi

SHDeleteKeyW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

ole32

CoCreateGuid
CoInitialize
StringFromGUID2
CoCreateInstance
CoUninitialize
CoSetProxyBlanket

kernel32

HeapReAlloc
GetCurrentProcessId
HeapSize
GetFullPathNameW
GetCurrentDirectoryW
GetConsoleCP
RtlUnwind
GetThreadPriority
GetModuleHandleA
HeapAlloc
GetStringTypeA
SetHandleCount
LCMapStringW
GetSystemTimeAsFileTime
GetACP
VirtualAlloc
FreeEnvironmentStringsW
TerminateProcess
TlsFree
HeapCreate
WideCharToMultiByte
WriteConsoleA
Sleep
LeaveCriticalSection
GetLocaleInfoW
GetLastError
HeapFree
SetStdHandle
SetCommTimeouts
TlsGetValue
GetProcessHeap
IsDebuggerPresent
GetFileType
GetCurrentThreadId
WriteFile
EnumResourceNamesA
GetEnvironmentStrings
GetCPInfo
LCMapStringA
CreateFileA
QueryPerformanceCounter
DeleteCriticalSection
LoadLibraryA
GetCurrentProcess
GetProcAddress
GetStdHandle
ReadFile
GetStringTypeW
UnhandledExceptionFilter
GetTickCount
FreeEnvironmentStringsA
GetModuleFileNameA
GetConsoleOutputCP
ExitProcess
IsValidLocale
SetUnhandledExceptionFilter
GetVersionExA
VirtualFree
ExitProcess
SetFilePointer
SetEndOfFile
InitializeCriticalSection
WriteConsoleW
InterlockedIncrement
SetLastError
GlobalAlloc
CloseHandle
EnumSystemLocalesA
GetStartupInfoA
EnterCriticalSection
RaiseException
MultiByteToWideChar
FlushFileBuffers
GetEnvironmentStringsW
GetLocaleInfoA
GetCommandLineA
GetUserDefaultLCID
TlsAlloc
GetConsoleMode
GetModuleFileNameW
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsSetValue
HeapDestroy
GetFullPathNameA

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd568f8f388261cf266dc57d0045fa37

Headers

File Characteristics

Imports

user32

shlwapi

shell32

ole32

kernel32

rpcrt4

advapi32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 17KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 17KB

.crt
Size: 512B - Virtual size: 68KB