JaffaCakes118_97bb3a4ee9d41b40b899452442abf040

General

Target

JaffaCakes118_97bb3a4ee9d41b40b899452442abf040
Size

177KB
MD5

97bb3a4ee9d41b40b899452442abf040
SHA1

054ad10124611696061a1a227e9b99ccc87dc22a
SHA256

8d28eddc2a2257e13c2f2e1fb1b65dd8f562a8b4c32f57affcbd73db752d303d
SHA512

b788bcf6c87839ed624f70adb72f8b532cef2f54961cb6038bba13ad76f98358e91703c05ff121c47e33325df8c032da2e167af1946615eab88324205aff3216
SSDEEP

3072:vpXyJRPSPGs7VDy7symIXtSMayovDlpMLTMheUOTKzhQKiWJhLf0QC09/:RiLoVpQXthQDnMmepezDxfZNV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_97bb3a4ee9d41b40b899452442abf040

Files

JaffaCakes118_97bb3a4ee9d41b40b899452442abf040
.exe windows:4 windows x86 arch:x86

5b576e4bbea257af8210180669c51a4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

GetThreadPriority
WideCharToMultiByte
RtlUnwind
InterlockedDecrement
InterlockedIncrement
LCMapStringA
HeapReAlloc
SetEndOfFile
ExitProcess
TerminateProcess
HeapFree
PurgeComm
GetCommandLineA
GetCurrentThreadId
EnumSystemLocalesA
GetProcessHeap
LeaveCriticalSection
WriteConsoleW
GetModuleHandleA
Sleep
CloseHandle
GetCPInfo
EnumResourceNamesA
IsDebuggerPresent
GetModuleFileNameW
GetLocaleInfoW
GetCurrentProcess
WriteFile
LCMapStringW
UnhandledExceptionFilter
GetVersionExA
DeleteCriticalSection
ReadFile
CreateFileA
IsValidLocale
GlobalAlloc
GetFullPathNameW
IsValidCodePage
ExitProcess
WriteConsoleA
GetConsoleOutputCP
EnterCriticalSection
HeapSize
MultiByteToWideChar
GetCurrentDirectoryW
SetStdHandle
SetUnhandledExceptionFilter
RaiseException
GetUserDefaultLCID
GetProcAddress
GetLastError
InitializeCriticalSection
HeapAlloc
GetFullPathNameA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b576e4bbea257af8210180669c51a4c

Headers

File Characteristics

Imports

advapi32

kernel32

shell32

user32

rpcrt4

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 348KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 348KB