JaffaCakes118_62bf65815b4462e52b5dbc57f9ffc346

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_62bf65815b4462e52b5dbc57f9ffc346
Size

451KB
MD5

62bf65815b4462e52b5dbc57f9ffc346
SHA1

c8dd077f0a531ed32bb38e7fc7e2276ff78ca50a
SHA256

8cd7e186b5c3fcb9b441423d7112201807f51d3a2376c067b354c7547badb61d
SHA512

6dc96c8f53805f4549e1fd3b41c2c59535d6bf921e8f0bd44cc202013a6d9f8d2bbb50e267f910aa1754b72f1416264428171a3a40cc513bfbaa935dc735292b
SSDEEP

12288:1hjAy8rGiyrt33seggTRf8z7ttttttttIWgjxDd:pKMrzTRC7tttttttt9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_62bf65815b4462e52b5dbc57f9ffc346

Files

JaffaCakes118_62bf65815b4462e52b5dbc57f9ffc346
.exe windows:5 windows x86 arch:x86

81eba609f09f83ae8dff82a3ad01aaef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

PDB Paths

P:\work\Refer\closely\achieve\unre.pdb

Imports

kernel32

GetStringTypeW
LCMapStringW
CreateFileA
LoadLibraryW
MultiByteToWideChar
WriteConsoleW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
lstrcatA
DeleteCriticalSection
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
HeapSize
HeapReAlloc
FlushFileBuffers
SetEndOfFile
GetProcessHeap
lstrcpyA
GetVersion
CloseHandle
GetModuleHandleA
GetModuleFileNameA
FreeEnvironmentStringsW
HeapCreate
LoadLibraryA
GetProcAddress
CreateFileW
FreeLibrary
GetLastError
SetFilePointer
GetModuleFileNameW
GetStdHandle
ExitProcess
GetModuleHandleW
IsProcessorFeaturePresent
HeapFree
GetConsoleMode
GetConsoleCP
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
ReadFile

user32

DialogBoxParamA
LoadCursorA
UpdateWindow
EndPaint
SetWindowRgn
SetTimer
RegisterClassExA
GetWindowDC
FillRect
KillTimer
DrawTextA
LoadStringA
CopyImage
LoadIconA
GetClientRect
SendMessageA
BeginPaint
GetDC
SetDlgItemInt
SetWindowLongA
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
GetCursorPos
ShowWindow
CreatePopupMenu
CheckRadioButton
SetWindowTextA

gdi32

DeleteDC
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
FillRgn
GetObjectA
GetStockObject
CreateSolidBrush
TextOutA
CreateEllipticRgn

winspool.drv

EnumPrintersA

comdlg32

FindTextA

advapi32

AdjustTokenGroups

secur32

InitializeSecurityContextA
AcquireCredentialsHandleA
AcceptSecurityContext

wtsapi32

WTSEnumerateSessionsA

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81eba609f09f83ae8dff82a3ad01aaef

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

secur32

wtsapi32

Sections

.text Size: 288KB - Virtual size: 287KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 288KB - Virtual size: 287KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 9KB - Virtual size: 9KB