JaffaCakes118_52e18c8057ae2b88a14bba6d4b69e7d7

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_52e18c8057ae2b88a14bba6d4b69e7d7
Size

269KB
MD5

52e18c8057ae2b88a14bba6d4b69e7d7
SHA1

6f7e27548e2a0f583eed983abf244e16ff8dfdb1
SHA256

3083e34ab72890d2a8255b7c71dc76b5b4e1a3262e7c6d8e3dbc0f9721987ef4
SHA512

f28da611b9febc140980393e3343f4c911ea82eec7ccb40d534736d966916c4eba3484695cc98596cd90523ab4f6eb64c781d9ae7a566575daa2bf61030d5fd5
SSDEEP

6144:OJ3oS2G8MnHFaKrU3SZaHkTqITycShQHeQFQssNLgRwYE7z:Oe99EQK9Zek6QPsGC7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_52e18c8057ae2b88a14bba6d4b69e7d7

Files

JaffaCakes118_52e18c8057ae2b88a14bba6d4b69e7d7
.exe windows:4 windows x86 arch:x86

73caba00f20b95e99e56c1e55b40f163

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
OpenSCManagerA
ControlService
RegCloseKey
RevertToSelf
RegEnumValueA
RegQueryInfoKeyA
DeleteService
RegEnumKeyExA
QueryServiceStatus
RegDeleteKeyA
RegFlushKey
OpenServiceA
RegOpenKeyExA
RegDeleteValueA
StartServiceA
CloseServiceHandle
RegSetValueExA
RegCreateKeyExA
ImpersonateSelf

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

kernel32

SetLastError
FormatMessageA
GetTimeZoneInformation
FindClose
lstrcmpiW
RemoveDirectoryA
TlsSetValue
FindResourceExA
WideCharToMultiByte
CompareStringW
DeleteFileA
VirtualProtect
TlsFree
SetStdHandle
LCMapStringA
GetStringTypeExA
GetACP
FindNextFileA
DeleteCriticalSection
HeapReAlloc
SetThreadPriority
GetModuleHandleA
GetStdHandle
GetSystemDirectoryA
OpenEventA
MoveFileExA
GetOEMCP
GetUserDefaultLCID
lstrcmpiA
WriteFile
IsValidLocale
TlsAlloc
SetEndOfFile
GetDateFormatA
SizeofResource
CreateProcessA
GetSystemInfo
ReleaseMutex
RtlUnwind
VirtualFree
HeapSize
VirtualQuery
LoadLibraryExW
LeaveCriticalSection
SetEnvironmentVariableA
ReadFile
FreeResource
OpenProcess
UnhandledExceptionFilter
IsBadCodePtr
SetHandleCount
GetCurrentDirectoryA
GetLocalTime
GetThreadLocale
LCMapStringW
GetTempPathA
HeapDestroy
lstrlenW
EnterCriticalSection
ResumeThread
LocalFree
TlsGetValue
GetWindowsDirectoryA
VirtualAlloc
GetTimeFormatA
CreateMutexA
FreeLibrary
CompareStringA
FreeEnvironmentStringsW
GetCurrentThreadId
CloseHandle
SetFilePointer
FlushFileBuffers
FatalAppExitA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
LockResource
HeapAlloc
SetFileAttributesA
GetSystemTimeAsFileTime
lstrlenA
SetPriorityClass
GetProcessHeap
LoadLibraryExA
CreateFileA
RaiseException
EnumSystemLocalesA
GetPrivateProfileStringA
IsValidCodePage
GetCommandLineA
FindFirstFileA
LoadResource
GetStringTypeExW
WaitForSingleObject
GetFileType
HeapFree
SetConsoleCtrlHandler
VirtualAllocEx

shell32

SHGetMalloc
SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetDesktopFolder

user32

UnregisterClassA
MessageBoxA
CharToOemA
wsprintfA
RegisterWindowMessageA
FindWindowA
CharUpperW
GetSystemMetrics
FindWindowExA
LoadStringA
CharUpperA
CharLowerW
PostMessageA
CharLowerA

setupapi

SetupInstallServicesFromInfSectionA
SetupOpenInfFileA
SetupInstallFromInfSectionA

rtm

RtmCloseEnumerationHandle
RtmDeleteRouteList
RtmMarkDestForChangeNotification
RtmGetMostSpecificDestination
CheckTable
RtmAddRoute
RtmCreateDestEnum
RtmLookupIPDestination

asycfilt

DllCanUnloadNow

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73caba00f20b95e99e56c1e55b40f163

Headers

File Characteristics

Imports

advapi32

psapi

ole32

kernel32

shell32

user32

setupapi

rtm

asycfilt

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 807KB

.rsrc Size: 8KB - Virtual size: 31KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 807KB

.rsrc
Size: 8KB - Virtual size: 31KB