ff88b544259ec0286281b10e24fadc84_JaffaCakes118

General

Target

ff88b544259ec0286281b10e24fadc84_JaffaCakes118
Size

169KB
MD5

ff88b544259ec0286281b10e24fadc84
SHA1

24a85bf9ef26ba1e18af3ce91c4df20df38915e3
SHA256

b1a3a33ead038619f7c5a782117e1bf3edbdd175f56f6a5c4d38553dbbb00ba4
SHA512

716e5c77da72765c07fadd10917668f29de9441a4b537a03d43ac12c696347d96c9a0fb3aced531bfb7c0e132171d84e111284c3b8c85dfa6980710765b9b9bc
SSDEEP

3072:bjpTVvQEK2qgxNhan2MtVpLqd/+ONZnIXkIiPyPgKg7pSkGRipPGs:bjpJnI1NVp2trX6kLqPgnc4FGs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff88b544259ec0286281b10e24fadc84_JaffaCakes118

Files

ff88b544259ec0286281b10e24fadc84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ad9a03705148d44f203ee7346a8c13f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

RtlUnwind
InitializeCriticalSection
Sleep
HeapFree
IsValidLocale
SetUnhandledExceptionFilter
ReadFile
WriteConsoleA
GetThreadPriority
CreateFileA
MultiByteToWideChar
LeaveCriticalSection
GetProcAddress
InterlockedDecrement
WriteConsoleW
HeapAlloc
HeapSize
SetEndOfFile
GetUserDefaultLCID
SetCommConfig
GetLocaleInfoW
WideCharToMultiByte
GetConsoleOutputCP
EnterCriticalSection
GetCurrentDirectoryW
CloseHandle
EnumResourceNamesA
GetVersionExA
HeapReAlloc
LCMapStringW
TerminateProcess
LCMapStringA
ExitProcess
GlobalAlloc
GetLastError
GetModuleHandleA
WriteFile
EnumSystemLocalesA
ExitProcess
UnhandledExceptionFilter
GetCurrentProcess
RaiseException
GetCPInfo
SetStdHandle
GetCommandLineA
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
DeleteCriticalSection
GetProcessHeap
GetFullPathNameW
GetCurrentThreadId
GetModuleFileNameW
GetFullPathNameA

ole32

CoCreateGuid
CoUninitialize
StringFromGUID2
CoCreateInstance
CoInitialize
CoSetProxyBlanket

user32

GetClassLongA
MessageBoxW

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ad9a03705148d44f203ee7346a8c13f

Headers

File Characteristics

Imports

shell32

rpcrt4

advapi32

kernel32

ole32

user32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.crt
Size: 512B - Virtual size: 72KB