Static task
static1
Behavioral task
behavioral1
Sample
PAYMENT-INVOICE-OVERDUE98878787-EXEL.exe
Resource
win7-20240729-en
General
Target
df9a54881d2ddaf302ed481e7fc7f5a1_JaffaCakes118
Size
158KB
MD5
df9a54881d2ddaf302ed481e7fc7f5a1
SHA1
b00d24913076bfc4e8f545eb20356ea6330ab8dd
SHA256
22147dc4db0fbb2e9dfa8632f2a641c3510c208da9b821cde79a8e509838e5c5
SHA512
94aea410e1c32e6c286a4f16ffd6ab0d96af90edef951917deb990c105a553ed9cae4af3eabaf8dd58a82504f211a4bb0134c7ef9c96986c1dcfd1a4fe0a5b05
SSDEEP
3072:SA5umrT50bT3iwP8G7Zhn4ENoC8NWtVBGqJnFs51Z/s8OUyMhGiWxoLgQj:SA9Sb7ioBb4uR2WtLS1Z/s8O28xoj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/PAYMENT-INVOICE-OVERDUE98878787-EXEL.exe
Files
df9a54881d2ddaf302ed481e7fc7f5a1_JaffaCakes118.rar
PAYMENT-INVOICE-OVERDUE98878787-EXEL.exe.exe windows:5 windows x86 arch:x86
fb599da96ec68b816a7f084ae9468b50
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileType
SetStdHandle
LCMapStringW
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetStringTypeW
HeapAlloc
GetProcessHeap
CloseHandle
GetACP
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WriteFile
GetStdHandle
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapReAlloc
LeaveCriticalSection
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
DecodePointer
EnterCriticalSection
LoadLibraryW
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
CreateFileW
comdlg32
PageSetupDlgW
GetFileTitleA
GetOpenFileNameA
GetFileTitleW
ChooseFontA
PrintDlgW
GetSaveFileNameW
PageSetupDlgA
CommDlgExtendedError
ole32
OleSave
CoDisconnectObject
OleIsCurrentClipboard
StgCreateDocfile
ReadStringStream
CreateStreamOnHGlobal
HGLOBAL_UserFree
OleDraw
OleGetIconOfClass
HMETAFILEPICT_UserMarshal
CreateGenericComposite
CoMarshalHresult
HMENU_UserFree
OleConvertIStorageToOLESTREAMEx
CoCreateGuid
CoCopyProxy
CoReleaseServerProcess
CoTaskMemFree
HACCEL_UserMarshal
OleLoadFromStream
CoSetProxyBlanket
HPALETTE_UserMarshal
ws2_32
getpeername
WSAInstallServiceClassA
ioctlsocket
WSAHtonl
WSAAsyncGetHostByAddr
WSAAddressToStringA
WSACreateEvent
WSALookupServiceNextA
WSAInstallServiceClassW
WSAJoinLeaf
listen
WSASocketA
accept
WSASetBlockingHook
WSASend
WSASendTo
WSAAsyncGetProtoByNumber
inet_addr
msacm32
acmDriverClose
acmFilterChooseA
acmFilterTagEnumA
acmFormatChooseW
acmFilterDetailsW
acmFormatEnumA
acmFormatEnumW
acmFormatTagEnumW
acmDriverAddA
acmStreamPrepareHeader
acmFilterTagDetailsW
acmFormatTagEnumA
acmDriverOpen
acmDriverDetailsW
acmFormatTagDetailsW
msvfw32
ICDrawBegin
DrawDibOpen
GetOpenFileNamePreview
MCIWndCreateA
MCIWndCreate
avifil32
EditStreamPaste
EditStreamSetInfo
AVIStreamFindSample
AVIFileInfoW
AVIStreamOpenFromFileA
AVIStreamLength
AVIGetFromClipboard
AVISave
AVIStreamWrite
avicap32
videoThunk32
Sections
.text Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ