JaffaCakes118_61074c81e777e01f2e2e9c0797314ca3

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_61074c81e777e01f2e2e9c0797314ca3
Size

569KB
MD5

61074c81e777e01f2e2e9c0797314ca3
SHA1

a0b407a1f60ed0efb2ac7d71b0b6dda0d64bb6ce
SHA256

87f525e4f873547ccc36dda1dd4274f1a7fcfcbaec56a55eedd4f298543f021b
SHA512

c8f4330c846d8f0dccc03bb5a9ba061788f1c4542b8246ff5ee41280590475a03ea04954a41c57a05a0394f5ea7d7e1d8f9e73a189bba572691102fde6477464
SSDEEP

12288:QLSLyjBftSM5D2gdvfSS2GIIyJ8b/hhL9n7FE4:9LyjBfIA70GQ8b/DL9n64

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_61074c81e777e01f2e2e9c0797314ca3

Files

JaffaCakes118_61074c81e777e01f2e2e9c0797314ca3
.exe windows:5 windows x86 arch:x86

a51fa66aefc8e232e5060b01bba8da04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetSystemDirectoryA
GlobalUnlock
GetStdHandle
GetLastError
GetProcAddress
LoadLibraryA
GetConsoleScreenBufferInfo
EnumDateFormatsA
FindFirstChangeNotificationA
FillConsoleOutputAttribute
GetVersionExA
CloseHandle
GetCurrentProcessId
GetProcessHeap
SetEndOfFile
HeapReAlloc
HeapSize
FlushFileBuffers
SetStdHandle
WriteConsoleW
SetFilePointer
GetFileAttributesW
Sleep
GetStringTypeW
GlobalAlloc
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
DeleteCriticalSection
HeapFree
GetConsoleMode
GetConsoleCP
LCMapStringW
WideCharToMultiByte
RtlUnwind
InitializeCriticalSectionAndSpinCount
SetConsoleCursorPosition
FindCloseChangeNotification
WaitForSingleObject
GlobalLock
GetCurrentProcess
HeapAlloc
GetFileSize
LeaveCriticalSection
EnterCriticalSection
HeapCreate
GetModuleFileNameW
CreateFileW
WriteFile
GetCurrentThreadId
SetLastError
CreateFileA
GetSystemTimeAsFileTime
FillConsoleOutputCharacterA
TlsFree
TlsSetValue
MultiByteToWideChar
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue

user32

EndDeferWindowPos
DestroyWindow
GetUserObjectInformationA
GetWindowRect
IsMenu
IsIconic
GetKeyState
LoadStringA
GetClientRect
GetWindowTextLengthA
SendMessageA
GetMenu
SetWindowLongA
GetWindowLongA
GetClassNameW
SendDlgItemMessageW
GetMenuItemInfoA
LoadAcceleratorsA
CreateDialogParamW
GetMenuItemCount
DeferWindowPos
GetSystemMetrics

comdlg32

ChooseColorA

advapi32

CredEnumerateA
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
DeleteService

shell32

SHGetFileInfoA

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
OleSavePictureFile

msacm32

acmDriverDetailsA
acmMetrics

comctl32

ImageList_Create

dbghelp

EnumerateLoadedModules

Sections

.text
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sidata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tss
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a51fa66aefc8e232e5060b01bba8da04

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

msacm32

comctl32

dbghelp

Sections

.text Size: 447KB - Virtual size: 446KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 12KB

.sidata Size: 4KB - Virtual size: 4KB

.tss Size: 512B - Virtual size: 223B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 87KB - Virtual size: 86KB

.text
Size: 447KB - Virtual size: 446KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 12KB

.sidata
Size: 4KB - Virtual size: 4KB

.tss
Size: 512B - Virtual size: 223B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 87KB - Virtual size: 86KB