Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_66fd0fb4274d33d3d5b8ab0de8a7d26e.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
JaffaCakes118_66fd0fb4274d33d3d5b8ab0de8a7d26e.exe
Resource
win10v2004-20250129-en
General
Target
JaffaCakes118_66fd0fb4274d33d3d5b8ab0de8a7d26e
Size
192KB
MD5
66fd0fb4274d33d3d5b8ab0de8a7d26e
SHA1
165203d458ff5aa7d764cc2bd4ff4799b2103aef
SHA256
0f04d91dd99971caa405a50fd8b3f851274fb3a53e9f7b1a9421d5114c812f5c
SHA512
5b255ef6abb1cfa2a861195035e822c7fecd24c2c9f48684acb9c5fd684e85dca5ae99a4b445d17502b8f534f4b2a461becd858a89f80892cc7574255a1c8203
SSDEEP
3072:YfjOTKIudVwHQKde3sojb0t2AP89BENUH+3PkC66UuwzCt4ld/GBNkPWmnBnU:Y7YKLK08mfg8CUoPUBCt4l0kPPU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_66fd0fb4274d33d3d5b8ab0de8a7d26e
Files
JaffaCakes118_66fd0fb4274d33d3d5b8ab0de8a7d26e.exe windows:4 windows x86 arch:x86
64a2ebf9ee6c85a136d01070c5c0e3d1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentDirectoryW
HeapFree
InterlockedDecrement
SetUnhandledExceptionFilter
DeleteCriticalSection
GetEnvironmentStringsW
WriteConsoleA
SetFilePointer
FlushFileBuffers
EnumSystemLocalesA
GetThreadPriority
VirtualFree
HeapSize
GetCurrentProcessId
GetCommandLineA
GlobalAlloc
GetCurrentThreadId
TlsAlloc
GetStringTypeA
WriteFile
Sleep
RaiseException
ReadFile
FreeEnvironmentStringsW
TerminateProcess
HeapCreate
GetLastError
IsDebuggerPresent
FreeEnvironmentStringsA
SetCommTimeouts
TlsSetValue
LCMapStringA
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
TlsGetValue
IsValidLocale
CloseHandle
GetConsoleOutputCP
GetEnvironmentStrings
GetProcessHeap
EnumResourceNamesA
GetLocaleInfoA
RtlUnwind
TlsFree
UnhandledExceptionFilter
SetEndOfFile
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetFullPathNameW
InitializeCriticalSection
WriteConsoleW
GetACP
LCMapStringW
HeapAlloc
InterlockedIncrement
GetCPInfo
GetConsoleCP
IsValidCodePage
WideCharToMultiByte
GetOEMCP
CreateFileA
LoadLibraryA
GetStdHandle
GetUserDefaultLCID
ExitProcess
ExitProcess
GetProcAddress
GetLocaleInfoW
GetVersionExA
GetModuleHandleA
HeapDestroy
GetCurrentProcess
GetStringTypeW
SetStdHandle
MultiByteToWideChar
GetTickCount
GetSystemTimeAsFileTime
HeapReAlloc
VirtualAlloc
SetLastError
GetModuleFileNameW
GetConsoleMode
GetFileType
GetFullPathNameA
advapi32
RegCloseKey
RegCreateKeyExW
RegSetValueExW
shell32
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW
rpcrt4
UuidCreate
ole32
CoCreateInstance
CoUninitialize
StringFromGUID2
CoCreateGuid
CoInitialize
CoSetProxyBlanket
shlwapi
SHDeleteKeyW
user32
GetClassLongA
MessageBoxW
Sections
.text Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ