JaffaCakes118_6825c19896f6e12ed225094c68d9ec5f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6825c19896f6e12ed225094c68d9ec5f
Size

305KB
MD5

6825c19896f6e12ed225094c68d9ec5f
SHA1

bc38bea478ecb50c3d22291143459c5ebc6d5b39
SHA256

551b4a727f3a5c55155d04ecdbd85741a95356ec2d3e61a687dc469d8cee3114
SHA512

501724061036c37a4657e214237833d1998b56144723d584d2b9124dfa298634cf615d1ea987edb395b2bf0a56d83fd48fd1f62803bf7efca621b37bcb5c9ea8
SSDEEP

6144:B1D5KEgQwG+OkUuoUhZNhI20gveVtmdfsAQw0HwvLkw:4l5UuoUbNq274tmZ0Akw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6825c19896f6e12ed225094c68d9ec5f

Files

JaffaCakes118_6825c19896f6e12ed225094c68d9ec5f
.exe windows:4 windows x86 arch:x86

34fc620275854cd0ea4181604b16cad3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
MapViewOfFile
FormatMessageW
IsDebuggerPresent
GetCurrentThreadId
GetTempPathW
DeleteCriticalSection
VirtualFree
GetConsoleScreenBufferInfo
UnhandledExceptionFilter
SetEnvironmentVariableW
HeapDestroy
WaitForSingleObject
lstrcmpiW
SetErrorMode
ReleaseMutex
ExpandEnvironmentStringsW
WideCharToMultiByte
CreateProcessW
CreateEventW
LocalAlloc
LeaveCriticalSection
GetCommandLineW
HeapFree
FindClose
VirtualQuery
CreateFileW
SetProcessWorkingSetSize
FlushViewOfFile
LoadResource
GetUserDefaultUILanguage
FindNextFileW
MapViewOfFileEx
CreateMutexW
VirtualAlloc
GetFileType
GetFileAttributesExW
UnmapViewOfFile
GetModuleHandleW
HeapReAlloc
GetFileInformationByHandle
MoveFileExW
LoadLibraryExW
CopyFileW
InitializeCriticalSectionAndSpinCount
HeapSetInformation
CloseHandle
FreeLibrary
GetTempFileNameW
SetUnhandledExceptionFilter
SetEndOfFile
SwitchToThread
DuplicateHandle
GetACP
CreateFileMappingW
RaiseException
CreateThread
GetFileSize
GetSystemTimeAsFileTime
QueryPerformanceFrequency
SetConsoleCtrlHandler
GetDriveTypeW
GetConsoleMode
GetSystemInfo
FindFirstFileW
FindResourceExW
EnterCriticalSection
HeapAlloc
GetCurrentProcessId
VirtualAllocEx
GetModuleHandleA

psapi

GetProcessMemoryInfo

user32

LoadStringW

advapi32

CryptDestroyHash
RegOpenKeyExW
CryptCreateHash
RegQueryValueExW
RegCloseKey
CryptHashData
CryptGetHashParam
CryptAcquireContextW

oleaut32

LoadRegTypeLib
CreateErrorInfo
VarUI8FromBool
VarBoolFromI8
VarBoolFromUI4
VarDecFromUI4
VarI4FromStr
VarDecFromStr
VarDecDiv
VarPow
VarBstrFromBool
VarI8FromR8
VarCyAbs
SafeArrayPtrOfIndex
VarCyNeg
VarBoolFromI2
VarUI4FromStr
VarCyFix
VarBoolFromUI1
VarI4FromUI4
VarFormatNumber
VarR4FromUI8
SafeArrayLock
SafeArrayGetUBound
SetOaNoCache
VarDecFromDate
VariantInit
SafeArrayAllocDescriptorEx

msafd

WSPStartup

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 33KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 181KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34fc620275854cd0ea4181604b16cad3

Headers

File Characteristics

Imports

kernel32

psapi

user32

advapi32

oleaut32

msafd

Sections

.text Size: 19KB - Virtual size: 19KB

.bss Size: 33KB - Virtual size: 129KB

.reloc Size: 181KB - Virtual size: 1.1MB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 840KB

.rsrc Size: 18KB - Virtual size: 101KB

.text
Size: 19KB - Virtual size: 19KB

.bss
Size: 33KB - Virtual size: 129KB

.reloc
Size: 181KB - Virtual size: 1.1MB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 840KB

.rsrc
Size: 18KB - Virtual size: 101KB