JaffaCakes118_6944912b96155c2c7c19cc7d1b1f4c00

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6944912b96155c2c7c19cc7d1b1f4c00
Size

883KB
MD5

6944912b96155c2c7c19cc7d1b1f4c00
SHA1

ed75d65f2a0a37c7252d35a6fe6c241c63540da3
SHA256

41bd9b5145a70dc920a7da9acd00522787a3a35ab5152756040f463d4c4e6695
SHA512

b70615e81dd1219760233deddec6795f72ea393d3fa61435388046494b3be667861ad117aa2d86fbeaa460874528ef89fb77d24aa27edb8fdba1f9d683325e93
SSDEEP

24576:VDkjbaqfrV8t+CTuxc637p29VcJzN+xICJz9OEk4:VCXf4rT297pJJ8NJAl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6944912b96155c2c7c19cc7d1b1f4c00

Files

JaffaCakes118_6944912b96155c2c7c19cc7d1b1f4c00
.exe windows:4 windows x86 arch:x86

03557481bc3b99c7677b9a5bc55cb9e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosDateTimeToFileTime
GetPrivateProfileStringA
GetCurrentProcess
LocalFileTimeToFileTime
SetFileTime
MoveFileExA
SetFilePointer
WriteFile
MoveFileA
GetFileAttributesA
lstrcmpA
SetEndOfFile
lstrcpynA
GetLocalTime
SetCurrentDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
CreateDirectoryA
GetLastError
GetCurrentThread
GetCurrentDirectoryA
GlobalReAlloc
FileTimeToLocalFileTime
GetFileTime
FileTimeToDosDateTime
GetPrivateProfileSectionA
SetFileAttributesA
DeleteFileA
FindNextFileA
FindClose
WinExec
Sleep
GetModuleFileNameA
GetSystemDefaultLCID
MulDiv
GetWindowsDirectoryA
GetTickCount
lstrcatA
lstrcmpiA
lstrlenA
lstrcpyA
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GetModuleHandleA
GetSystemInfo
FindResourceA
LoadResource
SizeofResource
FreeResource
LockResource
OpenFile
_hwrite
_lclose
GetVersion
IsDBCSLeadByte
GetSystemDirectoryA
WriteProfileSectionA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GlobalCompact
WriteProfileStringA
GetFileType
LCMapStringA
GetProfileSectionA
GlobalHandle
SetErrorMode
GlobalFree
LoadLibraryA
GetProcAddress
FreeLibrary
FindFirstFileA
RemoveDirectoryA
RtlUnwind
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemTime
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc

user32

SetDlgItemTextA
LoadStringA
MessageBoxA
EndDialog
DialogBoxParamA
wsprintfA
PeekMessageA
SendDlgItemMessageA
BeginPaint
EndPaint
DefWindowProcA
LoadCursorA
GetClassInfoA
OemToCharA
KillTimer
PostQuitMessage
RegisterClassA
GetSysColor
IsDialogMessageA
CharLowerA
CreateWindowExA
EnableWindow
GetWindow
GetClassNameA
CharUpperA
GetWindowTextA
GetDlgItem
SendMessageA
PostMessageA
SetWindowTextA
GetSystemMetrics
SetWindowPos
ShowWindow
UpdateWindow
SetFocus
IsWindow
RegisterWindowMessageA
GetDC
ReleaseDC
ScreenToClient
SetTimer
LoadIconA
DestroyWindow
LoadBitmapA
CreateDialogParamA
InvalidateRect
IsWindowVisible
CharNextA
InflateRect
CharPrevA
CharToOemA
DdeGetData
DdeFreeDataHandle
DdeConnect
DdeClientTransaction
DdeGetLastError
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
DdeInitializeA
DdeCreateStringHandleA
ExitWindowsEx
FindWindowA
GetClientRect
FillRect
SetRect
SetRectEmpty
GetWindowLongA
GetWindowRect
DispatchMessageA
TranslateMessage
MessageBeep

gdi32

CreateDIBitmap
SelectPalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
LineTo
MoveToEx
DeleteObject
CreatePen
CreateFontIndirectA
GetObjectA
DeleteDC
BitBlt
CreateCompatibleDC
RestoreDC
Rectangle
GetStockObject
CreateSolidBrush
IntersectClipRect
SaveDC
CreateCompatibleBitmap
SetBkColor
CreateBitmap
SetPixel
GetTextExtentPointA
SelectObject
RealizePalette

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

AllocateAndInitializeSid
RegCloseKey
RegConnectRegistryA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
OpenSCManagerA
FreeSid
RegCreateKeyExA
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
EqualSid
GetTokenInformation
OpenThreadToken

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 736KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03557481bc3b99c7677b9a5bc55cb9e1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

version

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 14KB - Virtual size: 18KB

.rsrc Size: 736KB - Virtual size: 1.9MB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 14KB - Virtual size: 18KB

.rsrc
Size: 736KB - Virtual size: 1.9MB