JaffaCakes118_84d20c9b907273cd1bee3778034db024

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_84d20c9b907273cd1bee3778034db024
Size

164KB
MD5

84d20c9b907273cd1bee3778034db024
SHA1

9d51720641e9e8f256a834f20d1a41fe9af18884
SHA256

a055e7bd3122488576a187d94c8f143deaeb26e69cefce7a77d7f0cefd70c46e
SHA512

ed6fb8e0f1608fa7c82428e294310d230e04c36eeecc17cdfef2fffed8a976c2c5b4ed1d4bd240f4d664b3c96267c313ac8da70432790cb4e2c795de201ea32f
SSDEEP

3072:toyZUHc9NkVLSgbYvox+MEOINCbHr61bx3Ti1MwgRF1YGFG:W/HcTch0v7MEFNCHUbx3+Mwg2GI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_84d20c9b907273cd1bee3778034db024

Files

JaffaCakes118_84d20c9b907273cd1bee3778034db024
.exe windows:4 windows x86 arch:x86

1c9152d7b07c513e5e6f48620512b11d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

GetStartupInfoA
TerminateProcess
GetLocaleInfoW
HeapDestroy
GetACP
EnumSystemLocalesA
InterlockedDecrement
HeapSize
GetLocaleInfoA
GetStringTypeW
GetCommandLineA
LeaveCriticalSection
ExitProcess
IsValidLocale
GetThreadPriority
Sleep
TlsGetValue
SetStdHandle
UnhandledExceptionFilter
InterlockedIncrement
GetCurrentProcessId
LoadLibraryA
EnterCriticalSection
GetVersionExA
SetCommTimeouts
GetModuleHandleA
WriteConsoleA
GlobalAlloc
GetFullPathNameW
GetConsoleCP
IsValidCodePage
TlsSetValue
VirtualFree
RtlUnwind
QueryPerformanceCounter
HeapReAlloc
HeapAlloc
EnumResourceNamesA
LCMapStringW
GetLastError
GetModuleFileNameA
CreateFileA
GetUserDefaultLCID
RaiseException
GetCurrentThreadId
GetStringTypeA
IsDebuggerPresent
GetProcessHeap
GetConsoleOutputCP
GetFileType
GetTickCount
GetCurrentProcess
FreeEnvironmentStringsW
GetConsoleMode
VirtualAlloc
TlsAlloc
GetEnvironmentStrings
GetOEMCP
CloseHandle
GetStdHandle
ExitProcess
GetModuleFileNameW
InitializeCriticalSection
GetSystemTimeAsFileTime
FlushFileBuffers
GetProcAddress
HeapFree
MultiByteToWideChar
SetLastError
FreeEnvironmentStringsA
HeapCreate
WriteConsoleW
GetCPInfo
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
DeleteCriticalSection
LCMapStringA
WriteFile
WideCharToMultiByte
ReadFile
GetCurrentDirectoryW
SetFilePointer
TlsFree
SetEndOfFile
GetFullPathNameA

ole32

StringFromGUID2
CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitialize
CoSetProxyBlanket

rpcrt4

UuidCreate

shlwapi

SHDeleteKeyW

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c9152d7b07c513e5e6f48620512b11d

Headers

File Characteristics

Imports

advapi32

user32

shell32

kernel32

ole32

rpcrt4

shlwapi

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 72KB