JaffaCakes118_680abe251f550f964796474d9af501a0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_680abe251f550f964796474d9af501a0
Size

164KB
MD5

680abe251f550f964796474d9af501a0
SHA1

c8a5dffad8c97ddb20a64f3def2719e9113d8157
SHA256

51a038ee36d6f763369da1566417dc0831ef0a983b12b3338f10376809ed3c86
SHA512

e16cd8c616cd08c0d1dc130c4ffa7339c221631c6efd0c1b8ece88df1479560e39f986aac0436d0bb172ca61ef1ef79ee08daae2e12c2057099aaf3cd9094e8e
SSDEEP

3072:u2sRnKDqxaGxDazNUOjXQ2Ar1OhmuBKxQkAep6mIpcfioGjfGCH:qLwGxDvOjrAxqp4p6Bqp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_680abe251f550f964796474d9af501a0

Files

JaffaCakes118_680abe251f550f964796474d9af501a0
.exe windows:4 windows x86 arch:x86

13b1fe45f0d22bcf44a27a8f2e583b53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
lstrcatA
lstrcpyA
LocalFree
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
CreateThread
SetEvent
CopyFileA
WriteFile
GetWindowsDirectoryA
CreateFileA
ReadFile
FreeLibrary
lstrcmpiA
AllocConsole
SetConsoleTitleA
GetLastError
GetProfileIntA
GetTickCount
WaitForMultipleObjects
GetThreadPriority
SetThreadPriority
InterlockedExchange
CreateSemaphoreA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
CloseHandle
DeleteFileA
CreateEventA
WaitForSingleObject
ResetEvent
Sleep
lstrlenA
SetFilePointer
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
IsBadCodePtr
SetUnhandledExceptionFilter
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
GetCurrentProcess
TerminateProcess
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
WideCharToMultiByte
IsBadWritePtr
IsBadReadPtr
HeapValidate
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetCurrentThread
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DebugBreak
GetStdHandle
OutputDebugStringA
LoadLibraryA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
FatalAppExitA

user32

GetMessageA
TranslateAcceleratorA
TrackPopupMenu
GetSubMenu
GetClientRect
wsprintfA
PostMessageA
DispatchMessageA
TranslateMessage
GetQueueStatus
RegisterWindowMessageA
PostThreadMessageA
wvsprintfA
MsgWaitForMultipleObjects
LoadMenuA
UpdateWindow
EndDialog
BeginPaint
GetWindowRect
SetWindowPos
EndPaint
PostQuitMessage
DefWindowProcA
ClientToScreen
InvalidateRect
DestroyWindow
DialogBoxParamA
CreateWindowExA
ShowWindow
LoadIconA
LoadCursorA
RegisterClassExA
MessageBoxA
LoadStringA
GetSystemMenu
LoadAcceleratorsA
GetMenu
EnableMenuItem
PeekMessageA

gdi32

StretchBlt
CreateCompatibleDC
SetPixel
SelectObject
CreateCompatibleBitmap
DeleteDC
DeleteObject

comdlg32

GetSaveFileNameA

ole32

MkParseDisplayName
CreateBindCtx
CoInitialize
CoUninitialize
CoCreateInstance
CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
SysStringLen
SysFreeString

winmm

timeGetTime

ksproxy.ax

KsSynchronousDeviceControl

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�l��u"
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

13b1fe45f0d22bcf44a27a8f2e583b53

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

oleaut32

winmm

ksproxy.ax

advapi32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 24KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 3KB

�l���u" Size: 20KB - Virtual size: 20KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 24KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 3KB

�l��u"
Size: 20KB - Virtual size: 20KB