Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_4399f51fd2de3b3023a2d0d6f42056bb.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: JaffaCakes118_4399f51fd2de3b3023a2d0d6f42056bb.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_4399f51fd2de3b3023a2d0d6f42056bb
Size: 106KB
MD5: 4399f51fd2de3b3023a2d0d6f42056bb
SHA1: 8a87174f25f504697aec3673794da7b3b89d7258
SHA256: 404378374ff171b6a44efe5d516ca459930d2ff0068707e1385684a2e99ec11a
SHA512: 1837f1738e3c328eb82b12058bcd1f5d761272a2fb165ab6627633298b964f46f83c916a785073b9fddbc41da3477a7a93f7518d5d1860f1fa253be42c07840a
SSDEEP: 3072:bu6Q5eEZ1P8ZkEC7BpKZ72WNYaz6GnF2:buJ5eEzB9i72kfGgM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_4399f51fd2de3b3023a2d0d6f42056bb
Files
JaffaCakes118_4399f51fd2de3b3023a2d0d6f42056bb.exe windows:5 windows x86 arch:x86
94a5029e106078f222c7fb337cbdac28
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ResetEvent
GetThreadPriority
QueryPerformanceCounter
lstrcpyW
GetFileSize
VirtualFree
InitializeCriticalSection
GetTickCount
InterlockedDecrement
GetFullPathNameW
CloseHandle
InterlockedIncrement
GlobalFree
lstrlenA
CreateEventW
CreateThread
GetCurrentProcess
GetPrivateProfileStringW
GetSystemTimeAsFileTime
LeaveCriticalSection
GetCurrentThread
GlobalLock
GetProfileIntA
ReleaseSemaphore
lstrcmpiW
SetEvent
PostQueuedCompletionStatus
WideCharToMultiByte
MulDiv
lstrcpyA
HeapFree
GetVersionExW
lstrlenW
lstrcmpW
GetProcessHeap
ReadFile
SetThreadPriority
GlobalUnlock
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetACP
GlobalMemoryStatus
SetEndOfFile
OutputDebugStringW
lstrcpynW
GetTimeZoneInformation
IsBadReadPtr
InterlockedExchange
CreateSemaphoreW
WriteFile
EnterCriticalSection
GetQueuedCompletionStatus
WaitForMultipleObjects
CreateFileW
GlobalAlloc
GetCurrentProcessId
IsBadCodePtr
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateIoCompletionPort
GetModuleFileNameA
LoadLibraryW
SetFilePointer
GetSystemInfo
DeleteFileW
WaitForSingleObject
GetSystemDefaultLangID
GetFileAttributesW
GetDiskFreeSpaceW
HeapAlloc
IsBadWritePtr
GetLastError
GlobalHandle
user32
DispatchMessageW
IsWindow
GetDC
GetAsyncKeyState
LoadStringW
GetWindowRect
SetDlgItemTextW
SendMessageW
GetDlgItem
IsWindowVisible
SetWindowLongW
GetDesktopWindow
IsRectEmpty
GetDlgItemInt
ReleaseDC
SetCursor
GetWindowLongW
DestroyWindow
ClientToScreen
InvalidateRect
ShowWindow
EnableWindow
CheckDlgButton
CreateDialogParamW
DefWindowProcW
LoadCursorW
TranslateMessage
PeekMessageW
GetClientRect
SetDlgItemInt
CheckRadioButton
MoveWindow
ifsutil
?AddStart@NUMBER_SET@@QAEEVBIG_INT@@@Z
?AddEdge@DIGRAPH@@QAEEKK@Z
?AddEntry@AUTOREG@@SGEPBVWSTRING@@@Z
?AddVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?CheckAndAdd@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
ole32
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
ncobjapi
WmiCreateObjectWithFormat
WmiCreateObject
WmiCreateObjectWithProps
WmiEventSourceConnect
WmiAddObjectProp
WmiCommitObject
WmiDestroyObject
WmiSetAndCommitObject
WmiEventSourceDisconnect
WmiIsObjectActive
nddeapi
NDdeGetShareSecurityW
NDdeGetTrustedShareA
NDdeGetTrustedShareW
NDdeIsValidAppTopicListW
NDdeIsValidAppTopicListA
NDdeIsValidShareNameA
NDdeGetErrorStringA
NDdeGetShareSecurityA
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ