JaffaCakes118_1748a4bd5cd172f7f786a7fb2c1a7dd7

General

Target

JaffaCakes118_1748a4bd5cd172f7f786a7fb2c1a7dd7
Size

175KB
MD5

1748a4bd5cd172f7f786a7fb2c1a7dd7
SHA1

b5e7cf43c8828d27d3f66dcc354af38aec633dfd
SHA256

4e7f3ba2acffee3a532a4f5516f2d5c6bcb12c6abe6261aa7c37cf6481f2b68b
SHA512

5614fef2efb6801935c63b984939790d0dac4a2039eac226db24dfd9b906c1362c4561fd79b95b497f6a8bbb6d666f54c0dbefa5f5ad66004b0ef51feaa2f500
SSDEEP

3072:VaHqsdAjfrVzzQnPuIXrsPnvqly/OGQHyUfPNk9fUs4+Bu4sj6kTRCBd:VaHqsdATrhzQPfunylFf1k914y3sTdCb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1748a4bd5cd172f7f786a7fb2c1a7dd7

Files

JaffaCakes118_1748a4bd5cd172f7f786a7fb2c1a7dd7
.exe windows:4 windows x86 arch:x86

a994793854ec42342165f140fdd0a289

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LCMapStringA
SetStdHandle
DeleteCriticalSection
HeapAlloc
HeapReAlloc
GetThreadPriority
HeapFree
GetCurrentProcess
CloseHandle
GetModuleFileNameW
WideCharToMultiByte
GetCurrentDirectoryW
EnumSystemLocalesA
InitializeCriticalSection
GetCurrentThreadId
SetupComm
LCMapStringW
LeaveCriticalSection
SetEndOfFile
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetCommandLineA
EnterCriticalSection
GetFullPathNameW
WriteFile
InterlockedDecrement
RaiseException
ReadFile
EnumResourceNamesA
RtlUnwind
GetVersionExA
MultiByteToWideChar
ExitProcess
WriteConsoleW
UnhandledExceptionFilter
InterlockedIncrement
GetProcAddress
GetProcessHeap
HeapSize
GlobalAlloc
WriteConsoleA
GetLastError
GetLocaleInfoW
IsValidCodePage
GetModuleHandleA
ExitProcess
IsDebuggerPresent
TerminateProcess
GetConsoleOutputCP
GetCPInfo
IsValidLocale
CreateFileA
Sleep
GetFullPathNameA

user32

GetAncestor
MessageBoxW

rpcrt4

UuidCreate

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a994793854ec42342165f140fdd0a289

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

shell32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 25KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 25KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 212KB