618d5ae746ab07a99ccddcd63fa4555a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

618d5ae746ab07a99ccddcd63fa4555a_JaffaCakes118
Size

72KB
MD5

618d5ae746ab07a99ccddcd63fa4555a
SHA1

595e2a9690507754b84062ddce56a6b618c22173
SHA256

c304032eaa76a7737b0b8838067fd002d938f46ce33a6fac82aba8208f257779
SHA512

d9d98ab6df5513db5a2005c35a60ccb9eadf876caabb1d05e307d21b2829c06ac40bb6359c80e08b2c1d834319fc8091558c5f0147d02a00808d0820b4ebcca9
SSDEEP

1536:p2l3NK8z5MMwc7EGY1v4Ez+0omPsTgsuSLt:ydKcVwc7k4E+0omPsTgsuS5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
618d5ae746ab07a99ccddcd63fa4555a_JaffaCakes118

Files

618d5ae746ab07a99ccddcd63fa4555a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b756337644e4a8f57c525b7f14187b24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
FreeLibrary
MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleFileNameA
SizeofResource
LoadResource
FindResourceA
Sleep
lstrcmpiA
IsDBCSLeadByte
HeapDestroy
lstrcpyA
lstrcatA
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
WriteFile
GetFileSize
CreateFileA
IsBadStringPtrA
GetTempPathA
FormatMessageA
MoveFileExA
CreateEventA
CreateThread
WaitForSingleObject
CloseHandle
SetEvent
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrcpynA
LoadLibraryExA
WideCharToMultiByte
GetModuleHandleA
GetLocalTime
GetStringTypeW
HeapAlloc
IsBadCodePtr
SetEnvironmentVariableA
FlushFileBuffers
CompareStringW
CompareStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
IsBadReadPtr
GetStringTypeA
HeapFree
HeapReAlloc
LCMapStringW
HeapCreate
GetVersion
ExitProcess
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA

user32

GetMessageA
DispatchMessageA
PostThreadMessageA
CharNextA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA

ole32

CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b756337644e4a8f57c525b7f14187b24

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 34KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 34KB