JaffaCakes118_83065f3783a4caa70b8c56c2ea72ea3e

General

Target

JaffaCakes118_83065f3783a4caa70b8c56c2ea72ea3e
Size

179KB
MD5

83065f3783a4caa70b8c56c2ea72ea3e
SHA1

baea94b3e19840348b04ec67ee471760d8fbfd9c
SHA256

4f9459e9137cfb89e4a9304442eee1358066ae5b153e5042ce5745aa154bd9bd
SHA512

a080993ddbdbdee885801d4895e99a75570bb3c1cd4f43d242ba9de7e91883593eaaa67026914eb8171acf521f638c1bfab34a987bdf60859c298b923fb01e3b
SSDEEP

3072:4LgXsi30fWSUsS6vG8fkPtPRROOmQL351FeZkTGNCCbWv/nGAGWYL:4ssRxzsPEOmQj51syGNCcMn//YL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_83065f3783a4caa70b8c56c2ea72ea3e

Files

JaffaCakes118_83065f3783a4caa70b8c56c2ea72ea3e
.exe windows:4 windows x86 arch:x86

075a6c8307aca16a861aca9fbaabadf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

WriteFile
ExitProcess
SetStdHandle
IsValidLocale
GetCurrentThreadId
GetThreadPriority
GetCommandLineA
TerminateProcess
HeapReAlloc
GetModuleHandleA
DeleteCriticalSection
RaiseException
CloseHandle
SetCommConfig
GlobalAlloc
CreateFileA
GetLastError
InterlockedDecrement
EnterCriticalSection
GetCurrentProcess
GetFullPathNameW
GetLocaleInfoW
LCMapStringW
GetModuleFileNameW
EnumSystemLocalesA
Sleep
ReadFile
HeapFree
SetUnhandledExceptionFilter
EnumResourceNamesA
GetConsoleOutputCP
WriteConsoleW
LeaveCriticalSection
ExitProcess
GetCurrentDirectoryW
GetVersionExA
HeapAlloc
RtlUnwind
SetEndOfFile
IsDebuggerPresent
GetProcAddress
InitializeCriticalSection
UnhandledExceptionFilter
HeapSize
MultiByteToWideChar
InterlockedIncrement
IsValidCodePage
GetCPInfo
WideCharToMultiByte
GetProcessHeap
LCMapStringA
GetUserDefaultLCID
WriteConsoleA
GetFullPathNameA

ole32

CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoSetProxyBlanket

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

075a6c8307aca16a861aca9fbaabadf8

Headers

File Characteristics

Imports

user32

advapi32

kernel32

ole32

shell32

rpcrt4

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 344KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 344KB