Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_62cb666528b6a870422fa7e606b5c596.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_62cb666528b6a870422fa7e606b5c596.exe
Resource
win10v2004-20241007-en
General
Target: JaffaCakes118_62cb666528b6a870422fa7e606b5c596
Size: 302KB
MD5: 62cb666528b6a870422fa7e606b5c596
SHA1: e738346a78c411bbcff42d4c92d0176678de375b
SHA256: d8e6a6448798fc1d1757a878840cc6307aa01372a3ee90b3e9eb48e275d5e4c0
SHA512: 3cd1dec12794b8c0240fc78b346f7c7cec403e1993ccf30f14d6577ad51f2adac7ec8f01ec139ea03fbac78b1e236457bf5a5cc20f5389e4142d41c69150c768
SSDEEP: 6144:La9NFt1kJ3Bod/sc84LRabzGoFsYuc+6H3Gu1VPzphKJIJhrxLbnXKKV:La9Hi3Bod/sc8yafXFsf2XXzvfNbn6K
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_62cb666528b6a870422fa7e606b5c596
Files
JaffaCakes118_62cb666528b6a870422fa7e606b5c596.exe windows:4 windows x86 arch:x86
866c2202c21d4eb2ceb64eb46b3bcae8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharNextW
GetDC
DestroyIcon
CharUpperW
PeekMessageW
MessageBeep
GetMessageW
GetMenuItemInfoA
OffsetRect
CharPrevA
LoadMenuA
SetCapture
LoadBitmapA
CreateAcceleratorTableA
CharUpperA
ole32
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal
CoTaskMemFree
StringFromCLSID
CoCreateInstance
kernel32
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
LoadResource
RaiseException
LeaveCriticalSection
IsProcessorFeaturePresent
GlobalUnlock
GetProcessHeap
EnterCriticalSection
GetSystemTimeAsFileTime
GlobalAlloc
lstrlenW
GlobalSize
HeapFree
FindResourceExW
GlobalFree
FindResourceW
GetCurrentDirectoryW
HeapDestroy
IsDBCSLeadByteEx
SwitchToThread
GetFullPathNameW
LockResource
GlobalReAlloc
CreateFileW
UnhandledExceptionFilter
FreeLibrary
IsDebuggerPresent
OutputDebugStringW
GlobalLock
SetThreadLocale
GetTempFileNameW
GetModuleHandleW
HeapReAlloc
CloseHandle
CopyFileW
DeleteFileW
SizeofResource
HeapAlloc
GetThreadLocale
HeapSize
GetCurrentThreadId
GetFileSize
DeleteCriticalSection
ReadFile
GetStartupInfoA
VirtualAlloc
oleaut32
VariantInit
SafeArrayDestroy
SysFreeString
SafeArrayLock
RegisterTypeLi
SysStringByteLen
SafeArrayGetVartype
SafeArrayGetLBound
SysStringLen
LoadRegTypeLi
SysAllocStringLen
UnRegisterTypeLi
VarBstrCat
VarBstrCmp
LoadTypeLi
GetErrorInfo
SafeArrayGetUBound
SafeArrayUnlock
VariantClear
SysAllocStringByteLen
SysAllocString
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
advapi32
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
shlwapi
PathFindFileNameW
PathRenameExtensionW
PathCombineW
PathFindExtensionW
PathCanonicalizeW
PathRemoveFileSpecW
PathIsURLW
PathRemoveExtensionW
PathStripToRootW
PathIsRelativeW
PathFileExistsW
gdi32
GetClipBox
cmutil
CmEndOfStrW
CmStrStrW
GetOSBuildNumber
CmStrTrimW
CmAtolA
CmWinHelp
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 261KB - Virtual size: 464KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ