JaffaCakes118_6e2022975a4f072c5e97ba809cebc980

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6e2022975a4f072c5e97ba809cebc980
Size

576KB
MD5

6e2022975a4f072c5e97ba809cebc980
SHA1

987185bedbdab30bab94ea6c4d6eca0315ebda59
SHA256

64d6d2caf9a24b3302c7fc6604438ce5a324bc38f03c00afd01c7dadaf11300a
SHA512

cfa29dd7557123a12f0e202402d46505f6f37987029169a186682b84d833a6ccecb7c0fa916500a359efc1760aaeb1f00faf4dfc75a12585adb95a6d586bfcde
SSDEEP

12288:ASfgVZe8OZLJrYGwhxwE9/Gmu7pwdXfIgVytNt+EKUcNA:Ag0bhJ5GfA3/Uce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6e2022975a4f072c5e97ba809cebc980

Files

JaffaCakes118_6e2022975a4f072c5e97ba809cebc980
.exe windows:5 windows x86 arch:x86

f0fd2b0cf9f928454a8824756ed2b663

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetTickCount
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetModuleFileNameW
GetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
GetModuleHandleW
GetProcAddress
DecodePointer
EncodePointer
HeapFree
GetSystemTimeAsFileTime
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapReAlloc
RtlUnwind
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
SetStdHandle
WriteConsoleW
lstrcpyW
GetCurrentProcessId
CloseHandle
GetModuleHandleA
LockResource
CreateFileMappingA
LoadLibraryA
EnterCriticalSection
VerLanguageNameA
GetLastError
ReleaseSemaphore
lstrlenW
CreateSemaphoreA
HeapCreate
LeaveCriticalSection
SizeofResource
Sleep
FindResourceExA
WriteFile
WaitForSingleObject
GlobalLock
HeapAlloc
LoadResource
MapViewOfFile
GetLocaleInfoA
CreateFileA
lstrlenA
GetOEMCP
CreateFileW

user32

GetSubMenu
DrawIconEx
DeleteMenu
CopyImage
GetFocus
LoadBitmapA
LoadIconA
IsWindowEnabled
DrawTextA
GetMenuItemID
MoveWindow
RegisterClassA
ClientToScreen
EndPaint
FillRect
SetDlgItemTextA
GetWindowDC
PostQuitMessage
wsprintfA
DrawIcon
GetClientRect
CreateDialogParamA
GetWindowRect
CloseClipboard
EndDeferWindowPos
DestroyIcon
LoadCursorA
FindWindowA
DestroyMenu
SetClipboardData
EnableWindow
LoadImageA
SetWindowTextA
GetSystemMetrics
BeginDeferWindowPos
DeferWindowPos
OpenClipboard
GetKeyboardType
IsWindow
GetMenuItemCount
AppendMenuA
CheckMenuItem
DestroyWindow
GetClassInfoA
IsDlgButtonChecked
CreatePopupMenu
CreateMenu
GetWindowTextLengthA
SendMessageA
BeginPaint
GetIconInfo
GetDC
SetSysColors
GetMenu
OffsetRect
GetCursorInfo
GetWindowTextA
SetRect
SetWindowLongA
MessageBoxA
UnionRect
UnregisterClassA
SystemParametersInfoW
CreateWindowExA
ReleaseDC
EnableMenuItem
EmptyClipboard
SetClassLongA
GetMenuState
GetDlgItem
EndDialog
DefWindowProcA
SendMessageTimeoutA
GetDesktopWindow
LoadStringW
GetMenuStringA
EnumWindowStationsW
ShowWindow
SetMenu

gdi32

GetBitmapBits
BitBlt
PatBlt
GetTextExtentPoint32A
TextOutA
CreateSolidBrush
RestoreDC
GetStockObject
CreateRectRgn
SaveDC
CreateCompatibleBitmap
CombineRgn
CreateCompatibleDC
SelectObject
DeleteObject
CreateBitmap
ExcludeClipRect
SetBkColor
GetDeviceCaps
DeleteDC
CreateFontA
SetTextColor

advapi32

IsValidAcl
GetAclInformation
RegQueryValueExA
RegCloseKey
GetLengthSid
CryptGenKey
RegOpenKeyExW
FreeSid
IsValidSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
RegQueryValueExW
LookupAccountSidA
GetTokenInformation

shell32

SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

oleaut32

OleCreatePictureIndirect

wininet

FtpSetCurrentDirectoryA

shlwapi

PathFindFileNameA

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_Add

rpcrt4

RpcServerUseProtseqEpA
RpcServerListen
RpcServerRegisterIfEx

secur32

GetUserNameExA

uxtheme

DrawThemeBackground

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0fd2b0cf9f928454a8824756ed2b663

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

comctl32

rpcrt4

secur32

uxtheme

Sections

.text Size: 364KB - Virtual size: 364KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 5KB - Virtual size: 12KB

.ndata Size: 33KB - Virtual size: 33KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 364KB - Virtual size: 364KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 5KB - Virtual size: 12KB

.ndata
Size: 33KB - Virtual size: 33KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 63KB - Virtual size: 62KB