JaffaCakes118_601601e38dfe2a751879c9d5768e4604

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_601601e38dfe2a751879c9d5768e4604
Size

288KB
MD5

601601e38dfe2a751879c9d5768e4604
SHA1

c85e70a8c29188983e5f284cf0e0dc2954c5adbf
SHA256

bcbd1ddc12b65f6f885ca74d9f4890f39d5adf1bcf9b43ba35acd861a96fb13e
SHA512

e7c6a0da65cfd1c96af96e4e32ca9240508da86c847230ac40518d0b20660c9e7613b501a2202277941f343aecbd6dd0f80ea0c6a066d2c3c833cfc3169191d0
SSDEEP

6144:dzroroe+qOf1fzMyJmC2Wnn5JU7Ekm8Nca0t:iroe+FI1W+tm8Ka0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_601601e38dfe2a751879c9d5768e4604

Files

JaffaCakes118_601601e38dfe2a751879c9d5768e4604
.exe windows:4 windows x86 arch:x86

41933a43619e5286fb6fc3f53cd51801

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

shell32

CommandLineToArgvW
SHGetFolderPathW

comdlg32

GetOpenFileNameW

shlwapi

PathCombineW
PathRemoveFileSpecW

ole32

CLSIDFromString
CoRevokeClassObject
CLSIDFromProgID
CoInitialize
CoLoadLibrary
OleRun
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
StringFromCLSID
CoCreateInstance
StringFromGUID2
CoRegisterClassObject
CoTaskMemRealloc
CoUninitialize

oleaut32

VarBstrCmp
SafeArrayGetDim
SafeArrayGetUBound
CreateErrorInfo
SafeArrayDestroy
SetErrorInfo
SafeArrayGetLBound
SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
GetErrorInfo
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
SafeArrayGetElement

user32

GetSystemMenu
LoadStringW
DispatchMessageA
ShowWindow
GetMessageW
CreateWindowExW
MsgWaitForMultipleObjectsEx
MessageBoxW
DialogBoxParamW
GetMonitorInfoW
GetDesktopWindow
SetWindowLongW
SetCursor
GetWindow
GetFocus
GetWindowTextW
TranslateMessage
BeginPaint
MonitorFromWindow
PostThreadMessageW
EnableWindow
SetWindowPos
GetClientRect
SetForegroundWindow
CharNextW
GetDC
PeekMessageW
SetFocus
EndPaint
SystemParametersInfoW
IsWindowUnicode
GetClassInfoExW
PostMessageW
MapWindowPoints
GetSystemMetrics
UnregisterClassA
GetWindowTextLengthW
SendMessageW
GetWindowPlacement
EnableMenuItem
SetCapture
GetDlgItem
LoadCursorW
SetWindowTextW
ReleaseDC
SetDlgItemTextW
GetWindowRect
CallWindowProcW
GetDlgItemTextW
GetParent
MsgWaitForMultipleObjects
CharPrevW
TranslateAcceleratorW
SetWindowPlacement
EndDialog
LoadIconW
ReleaseCapture
GetWindowLongW
DefWindowProcW
RegisterClassExW
DestroyWindow
CreateDialogParamW
IsWindow
DispatchMessageW
GetMessageA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msi

ord8
ord32
ord204
ord45
ord113
ord205
ord92
ord111
ord120
ord160
ord70
ord159

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

kernel32

RtlUnwind
LeaveCriticalSection
GetACP
TlsSetValue
FindResourceW
MapViewOfFile
CloseHandle
SetEnvironmentVariableA
WaitForSingleObject
IsWow64Process
IsValidLocale
RaiseException
HeapDestroy
CreateMutexW
LCMapStringW
SetFileAttributesW
LocalFree
GetShortPathNameW
OutputDebugStringW
LockResource
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FindFirstFileW
GetProcessHeap
HeapFree
HeapSize
SetLastError
GetModuleHandleA
UnhandledExceptionFilter
LoadResource
WriteFile
FindResourceExW
GetTimeZoneInformation
CreateFileMappingW
InterlockedPopEntrySList
GetCommandLineA
EnterCriticalSection
CompareStringW
IsProcessorFeaturePresent
IsValidCodePage
MulDiv
CreateDirectoryW
CreateFileW
HeapAlloc
ResetEvent
GetTempFileNameW
ReleaseMutex
LocalAlloc
Process32NextW
GetStdHandle
UnmapViewOfFile
GetSystemInfo
lstrcmpA
FileTimeToSystemTime
SizeofResource
SetEndOfFile
LoadLibraryExW
FormatMessageW
GetCurrentDirectoryW
TlsGetValue
GetExitCodeThread
IsDebuggerPresent
FindNextFileW
GetTempPathW
GetPrivateProfileSectionW
GetFileType
WriteConsoleW
GetSystemDirectoryW
GetSystemTimeAsFileTime
EnumSystemLocalesA
CreateProcessW
GetDriveTypeW
SetHandleCount
GetLocalTime
CreateEventW
RemoveDirectoryW
FreeEnvironmentStringsW
PeekNamedPipe
GetConsoleMode
InterlockedPushEntrySList
GetFullPathNameW
FreeLibrary
CreateThread
GetSystemDefaultLCID
GetCurrentThreadId
CreateToolhelp32Snapshot
HeapReAlloc
WideCharToMultiByte
FlushFileBuffers
TlsAlloc
lstrlenW
TlsFree
GetPrivateProfileStringW
lstrlenA
Process32FirstW
lstrcmpiW
SetFilePointer
EnumUILanguagesW
FindFirstFileExW
ReadFile
DuplicateHandle
GetConsoleCP
VirtualFree
SetErrorMode
SetUnhandledExceptionFilter
GetWindowsDirectoryW
DeleteFileW
GetCommandLineW
GetModuleHandleW
GetFileInformationByHandle
FindClose
VirtualAlloc
FlushInstructionCache
SetStdHandle
GetOEMCP
VirtualAllocEx

ntprint

PSetupFreeMem
PSetupSelectDeviceButtons
PSetupGetDriverInfo3
PSetupThisPlatform
PSetupDriverInfoFromName

uniplat

CreateOverStructPool
ResetCallCount

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 236KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41933a43619e5286fb6fc3f53cd51801

Headers

File Characteristics

Imports

setupapi

shell32

comdlg32

shlwapi

ole32

oleaut32

user32

version

msi

gdi32

kernel32

ntprint

uniplat

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 236KB - Virtual size: 7.5MB

.rdata Size: 6KB - Virtual size: 192KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 236KB - Virtual size: 7.5MB

.rdata
Size: 6KB - Virtual size: 192KB

.rsrc
Size: 27KB - Virtual size: 26KB