JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48

General

Target

JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48
Size

168KB
MD5

a8e2cf6a25721f952dda89462fc24f48
SHA1

abb2516094632adec98866e4c747f2e98bd1cd62
SHA256

7647144af87d28b5485c4088a4810eaccdf7863f4aac2a5d25af432fde9514c7
SHA512

9ef15dc5aecb57cc00e1a2d394053ffdb5b25decfe82b9b54e36b551ccb6f4660ed0e03d25576e33f3f0a3f9e81361243b876f1b9fba5f233f69e1684419af53
SSDEEP

3072:BZ5QcpRU9FqIbP9vb15OL4AuvTY5pbmMxnsMZ3ysHZIhAu9/gmYb2afbGwlDl:BZ5QsU9Fd775oGM1Z3pHdk/gmYb2DwlJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48

Files

JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48
.exe windows:4 windows x86 arch:x86

0ce2dcea54ac7439e99469e4578b59a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoSetProxyBlanket

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

kernel32

GetThreadPriority
EnumSystemLocalesA
GetFullPathNameW
RtlUnwind
GetCurrentProcess
GetCurrentThreadId
InterlockedDecrement
RaiseException
LeaveCriticalSection
InterlockedIncrement
Sleep
WriteConsoleA
GetLastError
HeapReAlloc
SetCommConfig
IsValidLocale
GetModuleFileNameW
WriteFile
ReadFile
HeapAlloc
GetProcessHeap
GetLocaleInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetConsoleOutputCP
GetCPInfo
GlobalAlloc
EnumResourceNamesA
UnhandledExceptionFilter
WriteConsoleW
TerminateProcess
GetVersionExA
LCMapStringA
ExitProcess
SetStdHandle
CreateFileA
InitializeCriticalSection
HeapSize
ExitProcess
HeapFree
IsDebuggerPresent
GetModuleHandleA
EnterCriticalSection
MultiByteToWideChar
GetCommandLineA
DeleteCriticalSection
SetEndOfFile
GetUserDefaultLCID
IsValidCodePage
GetCurrentDirectoryW
LCMapStringW
WideCharToMultiByte
CloseHandle
GetFullPathNameA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ce2dcea54ac7439e99469e4578b59a1

Headers

File Characteristics

Imports

ole32

shell32

user32

rpcrt4

advapi32

kernel32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 16KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 16KB

.crt
Size: 512B - Virtual size: 68KB