JaffaCakes118_16d7669579c92f0489de1db86786e809

General

Target

JaffaCakes118_16d7669579c92f0489de1db86786e809
Size

177KB
MD5

16d7669579c92f0489de1db86786e809
SHA1

05e8608893494ddb9bc590b33be92f748fa5f774
SHA256

7a349f46b9cbb2817d534f42f535a644c53474c34b4dd33c1eed3abb897d5f66
SHA512

de0a53998fdf9d6ab533c2b3b58f7ec144943e05d8adc2d5f7d43f9883e3f1fff2db4de51a9082d136a0e7be82a594decea8b2a6e399787df103859b101228b2
SSDEEP

3072:xDfR/290JzmWEZI1aWOm2BszvGm+mLZY78gTK6Ove/FbdqRK2:xrRLzmmaJBszvimlYLke/e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_16d7669579c92f0489de1db86786e809

Files

JaffaCakes118_16d7669579c92f0489de1db86786e809
.exe windows:4 windows x86 arch:x86

9eb2b07a392a9983ce1d0357647b4df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

kernel32

SetEndOfFile
CloseHandle
HeapFree
EnumSystemLocalesA
GetLastError
CreateFileA
GetThreadPriority
ReadFile
HeapReAlloc
RtlUnwind
RaiseException
Sleep
LCMapStringA
WriteConsoleA
UnhandledExceptionFilter
WriteFile
LCMapStringW
SetCommConfig
IsDebuggerPresent
InitializeCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetLocaleInfoW
InterlockedIncrement
GetCurrentDirectoryW
GetProcAddress
HeapSize
EnumResourceNamesA
SetUnhandledExceptionFilter
GetVersionExA
HeapAlloc
GetCurrentThreadId
GetModuleFileNameW
ExitProcess
DeleteCriticalSection
WriteConsoleW
MultiByteToWideChar
GlobalAlloc
IsValidCodePage
GetCurrentProcess
IsValidLocale
GetConsoleOutputCP
InterlockedDecrement
GetCPInfo
GetProcessHeap
EnterCriticalSection
TerminateProcess
SetStdHandle
GetUserDefaultLCID
ExitProcess
GetFullPathNameW
GetModuleHandleA
GetCommandLineA
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

ole32

CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitialize
StringFromGUID2
CoSetProxyBlanket

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eb2b07a392a9983ce1d0357647b4df6

Headers

File Characteristics

Imports

advapi32

shell32

rpcrt4

kernel32

user32

ole32

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 28KB

.crt Size: 512B - Virtual size: 344KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 28KB

.crt
Size: 512B - Virtual size: 344KB