JaffaCakes118_a08060e40ed8edd81f5cb631fd808d92

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_a08060e40ed8edd81f5cb631fd808d92
Size

185KB
MD5

a08060e40ed8edd81f5cb631fd808d92
SHA1

2cd4ce2d5ce9add2d59cd872f139b62c14018fa2
SHA256

4fd0a0b126a2e9e536a5954a7ba3ac14ecd2289551a35d6d352c587c95150d51
SHA512

b2aaf13bf33e713e850ad128af3e8e9b1f140e469e363e6539a59b9b51677e11321cc9a3c460a5093be70a608b248d8e1a606d63069a186f3dc5174e8533c5e0
SSDEEP

3072:kLHECeIdBbtve6obdue87pXuLEupwb4DNyWRPNVKNnd5gSzXx9D2W1plcnV2SCU:ELVneJUpUx6biLPNYNn/zxZzplcnhC5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a08060e40ed8edd81f5cb631fd808d92

Files

JaffaCakes118_a08060e40ed8edd81f5cb631fd808d92
.exe windows:4 windows x86 arch:x86

15670510d200222eb8ba783615317c04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

ole32

CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
StringFromGUID2
CoSetProxyBlanket

kernel32

HeapCreate
HeapFree
GetThreadPriority
TlsFree
GetCurrentProcess
GetStringTypeA
GetCurrentDirectoryW
DeleteCriticalSection
SetUnhandledExceptionFilter
FlushFileBuffers
WriteConsoleA
GetConsoleMode
GetProcAddress
GetConsoleCP
InterlockedDecrement
WriteFile
WriteConsoleW
WideCharToMultiByte
TlsAlloc
GetStartupInfoA
TlsGetValue
CloseHandle
SetFilePointer
CreateFileA
GetLastError
SetCommTimeouts
GetModuleFileNameA
GetLocaleInfoA
LeaveCriticalSection
GetEnvironmentStringsW
SetHandleCount
GetSystemTimeAsFileTime
EnumSystemLocalesA
IsValidCodePage
GetLocaleInfoW
LCMapStringW
GetFullPathNameW
GlobalAlloc
GetProcessHeap
GetConsoleOutputCP
VirtualAlloc
GetTickCount
IsValidLocale
FreeEnvironmentStringsA
InterlockedIncrement
EnumResourceNamesA
GetVersionExA
GetCPInfo
TlsSetValue
EnterCriticalSection
RaiseException
VirtualFree
MultiByteToWideChar
UnhandledExceptionFilter
ExitProcess
GetStringTypeW
HeapAlloc
QueryPerformanceCounter
GetCurrentThreadId
LoadLibraryA
GetACP
HeapDestroy
GetModuleFileNameW
RtlUnwind
SetStdHandle
ReadFile
InitializeCriticalSection
TerminateProcess
FreeEnvironmentStringsW
SetEndOfFile
GetStdHandle
LCMapStringA
IsDebuggerPresent
GetModuleHandleA
HeapReAlloc
SetLastError
GetOEMCP
GetCurrentProcessId
ExitProcess
HeapSize
Sleep
GetUserDefaultLCID
GetCommandLineA
GetFileType
GetEnvironmentStrings
GetFullPathNameA

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shlwapi

SHDeleteKeyW

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15670510d200222eb8ba783615317c04

Headers

File Characteristics

Imports

shell32

user32

rpcrt4

ole32

kernel32

advapi32

shlwapi

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 19KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 19KB

.crt
Size: 512B - Virtual size: 216KB