JaffaCakes118_459eab3f8d57e9390562c080095fcaae

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_459eab3f8d57e9390562c080095fcaae
Size

519KB
MD5

459eab3f8d57e9390562c080095fcaae
SHA1

3c500a574fdf8bddd4a083788fd24b02eacd241d
SHA256

88c547758660fde76610c2de5dc9352a74b3cc699dd8518fe19596b4ed8c4329
SHA512

438c23c52639cefcc3bc9438fa52f337585c6ecc38bc80d15f6e9fffa30f59a394d3bc322e8e3cbb40bf706a8932261e4c1aa355b177eadec02b473465ed84ae
SSDEEP

12288:+DAA46NWxzdfL19YLl84rkdJ45sWT6AlTCVTthwaRo:+DgxhfLsgda/GsGtab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_459eab3f8d57e9390562c080095fcaae

Files

JaffaCakes118_459eab3f8d57e9390562c080095fcaae
.exe windows:5 windows x86 arch:x86

952dd6cddae868fb659301bea01d7df6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

PDB Paths

E:\cut\interfacedthe\URIPthe\numbe.pdb

Imports

kernel32

FreeLibrary
GetStringTypeW
LCMapStringW
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
MultiByteToWideChar
LoadLibraryW
OutputDebugStringW
WriteConsoleW
GetSystemTimeAsFileTime
ExitProcess
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
LoadLibraryA
FindClose
GetProcessHeaps
GetCurrentDirectoryW
GetLastError
FindFirstFileA
GetStdHandle
SetConsoleCursorPosition
GetLogicalDrives
InterlockedDecrement
FillConsoleOutputCharacterA
HeapAlloc
lstrlenA
OutputDebugStringA
WriteFile
HeapCreate
GetFileType
SetHandleCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
SetLastError
GetEnvironmentStringsW
WideCharToMultiByte
GetModuleHandleW
TlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
GetProcessHeap
VirtualQuery
SetStdHandle
CreateFileW
CloseHandle
FlushFileBuffers
GetProcAddress
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetModuleFileNameW
RaiseException
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleFileNameA

user32

SendMessageA
DefWindowProcA
LoadCursorA
FindWindowA
SetWindowTextA
GetSystemMetrics
GetClassInfoA
SetMenu
EndPaint
PostQuitMessage
KillTimer
GetFocus
LoadIconA
wsprintfA
GetClientRect
ExitWindowsEx
GetWindowTextLengthA
SetClassLongA
BeginPaint
GetDC
GetWindowTextA
GetKeyboardLayout
InvalidateRect
UnregisterClassA
ReleaseDC
ShowWindow

gdi32

MoveToEx
BitBlt
LineTo
SetWindowExtEx
DeleteDC
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
SetMapMode
CreateCompatibleBitmap
GetMapMode
CreatePen
SetViewportExtEx
GetTextMetricsA
GetObjectA
GetStockObject
TextOutA

comdlg32

ReplaceTextA

advapi32

CloseEventLog
ClearEventLogA
OpenEventLogA

ole32

CoInitializeSecurity
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
VariantChangeType
VariantInit
VariantClear
SysStringLen
SysAllocString

userenv

GetProfilesDirectoryA

msacm32

acmStreamUnprepareHeader

version

GetFileVersionInfoW

imm32

ImmGetDefaultIMEWnd
ImmGetDescriptionA
ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext
ImmGetCandidateListA
ImmGetConversionStatus

Exports

Exports

Pi

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

952dd6cddae868fb659301bea01d7df6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

userenv

msacm32

version

imm32

Exports

Exports

Sections

.text Size: 318KB - Virtual size: 317KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 44KB - Virtual size: 51KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 318KB - Virtual size: 317KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 44KB - Virtual size: 51KB

.rsrc
Size: 98KB - Virtual size: 98KB