JaffaCakes118_aef0b9880763e42c75bb7bb061ea08c7

General

Target

JaffaCakes118_aef0b9880763e42c75bb7bb061ea08c7
Size

188KB
MD5

aef0b9880763e42c75bb7bb061ea08c7
SHA1

08148b0904a473c5b612f1cf9eca9d52a007dcae
SHA256

4c9d6582a7fdf26f3a3416536d958b28a3c288fd141a8689f567a06e7413132c
SHA512

9463850f9fed671564e86ce3f3d3cc6bc9cd7b0f60f9455675c67b1f0fa36b3ed67daa2a3d1f9a9088897b1da69c3777fc5436ace36512fcb5c327148dd8558c
SSDEEP

3072:C7+mP819ZwfMQSgpDmZjSf1PbbbKB2t98F/aLqQFDxqiCJYq6BKXzAuWc2XSbQc0:Lmk19EfFmZOtbbKBlaLqsDoH15XzdLTQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_aef0b9880763e42c75bb7bb061ea08c7

Files

JaffaCakes118_aef0b9880763e42c75bb7bb061ea08c7
.exe windows:4 windows x86 arch:x86

9b98e4efa03d9b624112d0cf0f3bcc24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
DeleteCriticalSection
GetThreadPriority
InterlockedDecrement
LCMapStringA
WideCharToMultiByte
InterlockedIncrement
IsDebuggerPresent
WriteConsoleA
GetProcessHeap
GlobalAlloc
WriteConsoleW
HeapFree
SetCommConfig
CloseHandle
IsValidCodePage
LeaveCriticalSection
GetVersionExA
HeapReAlloc
IsValidLocale
HeapSize
TerminateProcess
HeapAlloc
GetCPInfo
SetUnhandledExceptionFilter
GetLocaleInfoW
GetProcAddress
GetFullPathNameW
EnumResourceNamesA
GetCurrentDirectoryW
GetCurrentThreadId
CreateFileA
RaiseException
SetStdHandle
RtlUnwind
GetCommandLineA
ExitProcess
GetConsoleOutputCP
GetUserDefaultLCID
EnumSystemLocalesA
WriteFile
GetCurrentProcess
GetLastError
UnhandledExceptionFilter
Sleep
ReadFile
EnterCriticalSection
SetEndOfFile
LCMapStringW
GetModuleHandleA
GetModuleFileNameW
ExitProcess
InitializeCriticalSection
GetFullPathNameA

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b98e4efa03d9b624112d0cf0f3bcc24

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

advapi32

shell32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 31KB - Virtual size: 30KB

.crt Size: 512B - Virtual size: 88KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 31KB - Virtual size: 30KB

.crt
Size: 512B - Virtual size: 88KB