JaffaCakes118_66f0e5a421e308d1bad945eeb469b34d

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_66f0e5a421e308d1bad945eeb469b34d
Size

176KB
MD5

66f0e5a421e308d1bad945eeb469b34d
SHA1

a44f31b439db3588affcba9a78ca1e36b93a3a32
SHA256

eefdc751b3ca1dd5e2771a5d3e847efd8ec81dbf05447c927ffad071c95c88aa
SHA512

5e14ffd7520560ca5f15b788bb48f032a3307743fca25ab53dfb42316d14186817c03072cc74e992bfc9f16ad9b1613d755419b80a9d9ea6f9b1fc636d84efdf
SSDEEP

3072:y57GJO4OYlxry+oy3yuGAWquYqfUwdQoPW4iaq+1t+xaSNL6kq2:oKJO49lxryGCqyinVxaSJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_66f0e5a421e308d1bad945eeb469b34d

Files

JaffaCakes118_66f0e5a421e308d1bad945eeb469b34d
.exe windows:4 windows x86 arch:x86

ad70212c34f6becea2f83e545140d823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathAppendW
PathFindFileNameW
PathFindExtensionW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

user32

MessageBoxW
GetMenuCheckMarkDimensions
CheckMenuItem
GetSysColor
EnableWindow
GetWindowTextW
GetLastActivePopup
IsWindowEnabled
ReleaseDC
GetWindowLongW
GetDC
GetSystemMetrics
ModifyMenuW
GetParent
LoadBitmapW
EnableMenuItem
LoadCursorW
GetSysColorBrush

kernel32

FlushFileBuffers
FreeEnvironmentStringsW
GetModuleFileNameA
IsBadWritePtr
VirtualAlloc
GetStartupInfoA
SetHandleCount
GetShortPathNameA
GetStringTypeA
SetFilePointer
RtlUnwind
GetProcessAffinityMask
WriteFile
TerminateProcess
GetCPInfo
HeapReAlloc
GetEnvironmentStrings
VirtualFree
SetUnhandledExceptionFilter
GetStringTypeW
EnumResourceTypesW
HeapDestroy
HeapSize
GetCommandLineA
GetSystemTimeAsFileTime
GetStdHandle
IsBadCodePtr
HeapCreate
HeapFree
GetOEMCP
HeapAlloc
GetFileType
UnhandledExceptionFilter
SetStdHandle
QueryPerformanceCounter
IsBadReadPtr
GetSystemInfo
GetFileAttributesA
GetEnvironmentStringsW
LCMapStringW
VirtualQuery
LCMapStringA
GetTickCount
VirtualProtect
GetCurrentProcessId
GetCurrentProcess
ExitProcess

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

shell32

SHGetSpecialFolderPathW

gdi32

RectVisible
Escape
SelectObject
RestoreDC
SetWindowExtEx
TextOutW
SaveDC
SetTextColor
SetBkColor
ScaleWindowExtEx
SetViewportOrgEx
SetMapMode
PtVisible
ExtTextOutW
GetClipBox
SetViewportExtEx
DeleteDC
DeleteObject
CreateBitmap
ScaleViewportExtEx
GetDeviceCaps
OffsetViewportOrgEx
GetStockObject

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad70212c34f6becea2f83e545140d823

Headers

File Characteristics

Imports

shlwapi

advapi32

user32

kernel32

winspool.drv

shell32

gdi32

ole32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 248KB