JaffaCakes118_40e01e24f7f6da6f3a53da50e54f9187

General

Target

JaffaCakes118_40e01e24f7f6da6f3a53da50e54f9187
Size

192KB
MD5

40e01e24f7f6da6f3a53da50e54f9187
SHA1

a4f70eca299a2bbe9c238d3b35ba6eff0e7c7fbf
SHA256

d7e0f5af93d083b9346ee2c4cd6b972f2c597b14fe4d4e4db8eda5b4fd30a802
SHA512

bd0e6bc15b73f59b154dcbd003510fbe2ad03ecc8bbf3f5bad830667e9f742612c521d5c010f6ef1bbc881c7fd6d2aa761188a12062fecf809518e03d3ee13d5
SSDEEP

6144:UjW8x6XKUCuxWNLw+i8qo1InMybISNqm5:gxApW18bL5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_40e01e24f7f6da6f3a53da50e54f9187

Files

JaffaCakes118_40e01e24f7f6da6f3a53da50e54f9187
.exe windows:4 windows x86 arch:x86

9846017bf1e1d439ac9244d8795b69bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InterlockedDecrement
MultiByteToWideChar
GetCommandLineA
IsValidCodePage
IsDebuggerPresent
CreateFileA
Sleep
GetThreadPriority
GetModuleFileNameW
DeleteCriticalSection
ExitProcess
PurgeComm
WriteConsoleW
HeapAlloc
GetConsoleOutputCP
IsValidLocale
GetCurrentThreadId
WideCharToMultiByte
GetCurrentProcess
ReadFile
TerminateProcess
LeaveCriticalSection
GetCPInfo
CloseHandle
EnterCriticalSection
GetVersionExA
GetLocaleInfoW
SetUnhandledExceptionFilter
GetCurrentDirectoryW
EnumResourceNamesA
HeapFree
GlobalAlloc
HeapReAlloc
SetStdHandle
UnhandledExceptionFilter
InitializeCriticalSection
GetLastError
GetUserDefaultLCID
RtlUnwind
ExitProcess
WriteFile
InterlockedIncrement
WriteConsoleA
RaiseException
EnumSystemLocalesA
GetFullPathNameW
SetEndOfFile
GetModuleHandleA
GetProcessHeap
GetProcAddress
HeapSize
LCMapStringW
LCMapStringA
GetFullPathNameA

rpcrt4

UuidCreate

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9846017bf1e1d439ac9244d8795b69bd

Headers

File Characteristics

Imports

kernel32

rpcrt4

advapi32

shell32

user32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 20KB

.crt Size: 512B - Virtual size: 84KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 20KB

.crt
Size: 512B - Virtual size: 84KB