JaffaCakes118_3486d3609a6da50ea2ccf195bd7b9042

General

Target

JaffaCakes118_3486d3609a6da50ea2ccf195bd7b9042
Size

163KB
MD5

3486d3609a6da50ea2ccf195bd7b9042
SHA1

28f693b3b60dd289c867f2db58c2778282a3e98a
SHA256

a3bf9fb6e603f60eec5bf15e1fed88b0ed5032bddf2ac370213b9b3451248d49
SHA512

00f8c5f6c437c3649dc0c7fd324429596560fb7433c9e204d37bfd2f216c1c2f8f017a402d7e4b134429a0d84b65fe774e788949b8c608ae444720e84dffddc6
SSDEEP

3072:qgJQ5vuredv6ELzej7sBKq74Ew9kK88h9tcEFz/zSJ+q8IbBEMO1fM/FNleO:qEQ5fdv66C7sGEGC8eEFeJ+qVVEMOmFe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3486d3609a6da50ea2ccf195bd7b9042

Files

JaffaCakes118_3486d3609a6da50ea2ccf195bd7b9042
.exe windows:4 windows x86 arch:x86

42ddb118e4ac89fa728d2c5fc2dbe240

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
GetProcessHeap
GetLocaleInfoW
EnumSystemLocalesA
InterlockedIncrement
GetCurrentProcess
GetCurrentThreadId
HeapAlloc
GetThreadPriority
HeapFree
MultiByteToWideChar
GetModuleFileNameW
GetCPInfo
WriteFile
Sleep
GetConsoleOutputCP
RaiseException
HeapSize
IsValidLocale
SetCommConfig
GetUserDefaultLCID
GetLastError
GetFullPathNameW
GlobalAlloc
CreateFileA
ExitProcess
EnumResourceNamesA
WideCharToMultiByte
LeaveCriticalSection
HeapReAlloc
LCMapStringA
CloseHandle
SetUnhandledExceptionFilter
IsValidCodePage
InitializeCriticalSection
ExitProcess
RtlUnwind
UnhandledExceptionFilter
EnterCriticalSection
GetCommandLineA
GetModuleHandleA
TerminateProcess
GetCurrentDirectoryW
GetVersionExA
InterlockedDecrement
LCMapStringW
DeleteCriticalSection
SetEndOfFile
WriteConsoleW
IsDebuggerPresent
GetProcAddress
WriteConsoleA
SetStdHandle
GetFullPathNameA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42ddb118e4ac89fa728d2c5fc2dbe240

Headers

File Characteristics

Imports

kernel32

shell32

rpcrt4

user32

advapi32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 72KB